Konfidi and Atom
We can't do multipart/signed whole Atom documents because the the many elements may have many authors (e.g. aggregrated feeds; blog comments)
- Publishing/blogging/commenting interfaces would have to support signatures.
- probably the software uses a regular input screen, then renders the Atom XML for the user to XML-sign (with a browser plugin?) and resubmit
- otherwise, the software would have to have a copy of the user's private key, which is riskier, but more user-friendly
- Use the signatures in the Atom Syndication Format document
- Clients would validate the signatures and issue konfidi requests for each
- personal aggregrating clients would hide those below a certain trust threshold
- when blog software renders an HTML page, it would hide comments that the post owner does not trust
- it (probably) should not hide comments in the Atom feeds, because the feedreader client can do the filtering at a more personal level
Random thought: Could the title, content, etc be separately PGP clearsigned or multipart/signed within multipart/form-data (manually or by a browser plugin) before form submission... and then translated into XML signatures on the respective elements?