On 2024-11-22 (Fri) 22:25:58+09:00, bawolff bawolff+wn@gmail.com wrote:
Essentially they are just some metadata signed with a public key. The idea is that the owner of the public key is responsible for verifying everything is true. But we allow randoms to upload files so I don't think it makes sense for us to sign these things.
Or even more so given that you have to pay a bunch of money to CAs (because LE doesn't issue the certs required for this stuff — S/MIME or 'Document Signing' certificates).
In theory WMF has the resources to buy the certificate, but IMO that would be a gross waste of donor money. (Or if they demand each user purchase the certificate, that might quickly go useless for our use case. I didn't read the docs beyond the 'you need to purchase' part.)