Finished the first pass of rethinking how incoming direct messages work in Micro.blog. I still believe that most social networks should not reinvent the wheel with messaging, because it’s unlikely to be as secure as dedicated services like iMessage and WhatsApp. But we roll with what we’ve got.
@manton Hm. There should be a way for users to exchange keys of some kind and then only be able to ‘converse’ directly those who have exchanged. It works for systems, it should work with individuals. You could always revoke a key to block/mute.
@manton I think of DMs on Twitter and Facebook as being fundamentally insecure. I don't put anything confidential in 'em. If I want something to be confidential, I use iMessage or email. And if I want it to be extremely private, I don't put it in writing at all.
@MitchW @manton @archimage Word of warning that unless both parties are using encrypted email, it’s definitely not a secure medium.
Seconding the key exchange idea, which not only is easily revocable but also allows encryption.
@pratik Probably not, at least until I feel that we have a more permanent DM solution. I'm not convinced the Mastodon model is going to stick.
@manton How much would existing spam filters help with managing DMs? I imagine that something like Spamassassin would be helpful to separate out spam. The strategy I've seen to separate out DMs that have not been approved is something that could work too (DMs from people you've approved and then everything else)
@manton I honestly think that Messaging should not be a part of blogging systems. If anything, DMs should be shimmied to email and be more like Apple's hidden email feature. Let people email me a reply to something I write without exposing my email if I choose to allow it. I don't need another inbox/chat platform.
@pimoore Good point. I actually know that, just forgot. I fuss about it when sharing credit card information and passwords.
@jsonbecker @manton Email is under-utilized nowadays. I love messaging and use it all day, every day. But email has virtues that messaging can't replicate.
@jsonbecker Yeah, that is the direction I was trying to go in. It's not obvious how to limit spam and also connect people without exposing real email addresses. And in a way that is compatible across platforms.
@manton Makes sense. Better to ensure it’s as secure as can be. Can have a DM link that’s just sends to their email (instead of asking for it and having to post it publicly).
@manton just curious. Why have one? Why not just let people optionally link to their favorite messaging platform handle for followers?
@manton @jsonbecker I totally agree. I don’t think MB should replicate all functions other activity pub platforms have such as DMs. I don’t need private messages within my blog when there are tools such as email. No need to reinvent the wheel and having a secure way to share email would be the best
@joshl I'd be fine with that, but the problem is Mastodon can send DMs to Micro.blog users. We can't just drop those messages, so we have to do something. And that opens the can of worms.
@manton agreed the only time I want to use direct messaging is to negoiate another form of private communications.
@jsonbecker @manton @pimoore I think @sod has already done most of the work via his Reply by Email plugin. Just wondering how it could fit natively within Micro.blog @vincent
@manton I thought maybe just an email proxy would suffice - DMs sent to subscriber's mailbox and replies are transformed to mask the email address (something like Simplelogin.io's email aliases). :)
