2 Jun
2026
2 Jun
'26
6:36 p.m.
Le mardi 2 juin 2026, 17:06:27 heure d’été d’Europe centrale Marvin W. via
Standards a écrit :
Hey,
I am a little confused about what is the intended scope of a XID, that
is, what it is meant to identify? A device/resource? An entity? A user?
Multiple users? A human?
An entity (which can be a person, a bot, a group of human, whatever), but not
a device.
If we are fine with binding a XID to a specific
device/resource, we
could "just" use the OMEMO public key for it. Then binding the XID to a
specific user in a cryptographically sane way would just be the same
issue as doing that for OMEMO (which while not entirely solves, has a
lot of work put into it) and there would be no additional identity or
key management tasks.
OMEMO is per-device, it doesn't work here. It's also far more complicated to
implement. OX could be used, but the key sharing mechanism is not specified
anyway, and again it's more complicated to implement the whole thing (and it's
not widespread). The current implementation is relatively easy for most
clients, as Ed25519 is already used for OMEMO.
This reminds me of something I had in mind for
reviving XEP-0174:
adding a TXT key that carries a signature of other parts of the mDNS
records, so that one can discover that a known OMEMO contact is nearby
and send messages to them directly rather than through the server.
One of the main purpose of this proposal is to have a ID working for
serverless, on which I'll be working soon. I've chosen something easily
mappable to LibP2P's Peer ID.
Best,
Goffi