I was struggling to wrap my head around how federated social media works until I realized that email has basically been doing the same thing for 30 years. Different email servers are like instances of a federated network. You can send emails to people from within a single server or you can send emails to people on any other mail server. Your email address is a username followed by an ‘@’ and the server address, just like on Lemmy. Email is a decentralized service I’ve been using the whole time!

    • damn@lemmy.fmhy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Email with PGP is very far from secure. No forward secrecy (one mistake and the entire thread history is revealed) and metadata is unencrypted.

    • eddythompson@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      PGP email has nothing to do with the email protocol. All your message metadata and headers are still not encrypted/can’t be encrypted. You can only encrypt some payload with a PGP key, and it’s up to the receiver to figure out whether or not they want to trust any of the message metadata. The entire envelope is still plaintext everywhere. PGP email is just email, but you’re sending some random encrypted text in it.

      • vodnik@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Encryption was illegal back in those days, especially for export. Google “crypto wars”.

        • 777@lemmy.ml
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Furthermore it was quite computationally expensive. Modern CPUs have special instructions to work with AES and other algorithms, but back then it had to be done with individual instructions and with slow clock speeds.

      • Justin@lemmy.jlh.name
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It takes effort to set up a PGP client and the person you’re sending it to probably doesn’t have PGP set up. It’s used for some confidential journalism and whistle blowing stuff, but since everybody just uses webmail anyways, it’s not practical to use.