This is a draft of what I'll hopefully be submitting to Rebooting Web of Trust. If anyone would like to take a look, constructive feedback welcome:
@emacsen Hey, thanks for putting this all down on paper! Some thoughts:
- I don't understand what ocap inboxes achieve over the current ability of moderators and users to block individual actors. How does this meaningfully improve spam-fighting abilities?
- You mention two methods for "Closing the Relay Hole", which both seem very similar to the discussion on https://github.com/w3c/activitypub/issues/319. You seem to gloss over the backwards-compatibility issues though—have you put thought into how you would implement this?
It seems like anyone can request a new preferred inbox from me at any time, and then if they do so and abuse it, I can stop looking at messages sent to that inbox (like a burner phone number). But then the attacker can just request another inbox from me, right? I don't know ahead of time which stranger to grant/deny an inbox to; if I did, spam and harassment wouldn't be an issue.
Two reasons. Firstly, because ACLs are hard to maintain. They're complex to use, complex to set up, complex to maintain computationally. You can get further with OCAP with less complexity.
Second reason is that OCAP allows for transferability. If I trust you to get ahold of me, I might also trust you to be responsible enough to give someone else my direct line. That's simply not possible with ACLs.
@emacsen I do like the transferability that capability URLs have, like Flickr's guest passes. Even if you don't have an account, or I didn't list you specifically but my friend trusts you, they can hand along a special URL which lets you read/see something. There's some extra UI for tracking/revoking those URLs, but it's not terribly burdensome. I haven't seen capability URLs used for write access as often.
Maybe it just doesn't seem to me that most of the problems with spam/harassment are people I know or friends-of-a-friend getting blocked. Is whitelisting of people I already follow/interact with a difficult challenge that I just haven't experienced?