Replying to lacaulac

Is this in order to make sure a proxy relay wouldn't shadow ban the user or filter what they receive ?
Avatar
Vitor Pamplona 3y ago

To make sure you don't get censored by your own relay (through government relay without you knowing about it). If gov is in the middle, you can sign as much as you want. The message is not going out.

Reply to this note

Please Login to reply.

Discussion

8c
lacaulac 3y ago

Yeah, I'm unsure how that could be implemented, unless you're (like SSH haha) encrypting the client<->relay comms (which might also be on top of HTTPS, as most relays run websockets over https) using the server's "known" pubkey

Avatar
Vitor Pamplona 3y ago

Is there a protocol to make sure the key used for the wss is the expected one? Or is it like https where the client just takes any valid certificate that comes in?

8c
lacaulac 3y ago

The HTTPS certificate needs to correspond to the relay's domain and be signed by a valid entity. But I wouldn't be surprised if chinese software had a Governement-issued root certificate authority, which means the gov could craft certificates that'd be "valid"