JeffG wrote

rich1.0JeffG wroteJeffG (npub1zu…6c2uc)https://yabu.me/npub1zuuajd7u3sx8xu92yav9jwxpr839cs0kc3q6t56vd5u9q033xmhsk6c2ucnjumphttps://yabu.meFor those wondering about my thoughts on nostr:nprofile1qy2hwumn8ghj7etyv4hzumn0wd68ytnvv9hxgqgdwaehxw309ahx7uewd3hkcqpqexv22uulqnmlluszc4yk92jhs2e5ajcs6mu3t00a6avzjcalj9csna6fpr 's latest article about MLS. tl;dr - I think it's pretty balanced and describes something that we (and the MLS folks) have known from the start. If you have a centralized identity/authentication service telling you who is who, you are trusting them with a pretty important part of the system. As he points out, NIP-EE (the spec about how to use MLS on Nostr) and, by extension, White Noise doesn't have the authentication service problem because Nostr is our AS. We use pubkeys for identity in groups and you're trusting the key package events signed by those keys when you're adding someone to a group. ✅ In general, this is an issue for other MLS implementations though. The authentication service is a "trusted" third party, with all the trappings. AFAICT, the "participation privacy" question is about relays being able to see what groups you're in via the group ID values you're requesting events for. There are two points to make here. First, relays can see what group IDs a given IP address is requesting events for. I believe that we have mitigated this pretty well since we're using random (and rotating) identifier(s) for each group (yes, by design, a single group have more than one visible ID value at a time). Obviously, this is also mitigated by using a VPN or Tor to make requests to relays. We don't yet but White Noise will eventually break up these requests into lots of different reqs/subscriptions (probably done over Tor or something similar) to help here. One thing that he didn't mention but is worth talking about; relays see events with a given "h" tag (the group ID I talked about above). Practically, this means that watching a given group ID value gives relays some idea of the relative amount of activity for a given group. Critically though, they can't see the number or identities of it's members, since all those messages are published via ephemeral keys. It's just a relative amount of activity (at least until the group rotates it's group ID). Happy to answer more questions from folks on the article or on MLS. nostr:nevent1qvzqqqqqqypzqpxfzhdwlm3cx9l6wdzyft8w8y9gy607tqgtyfq7tekaxs7lhmxfqyvhwumn8ghj7urjv4kkjatd9ec8y6tdv9kzumn9wshsz9mhwden5te0wfjkccte9ec8y6tdv9kzumn9wshszxnhwden5te0wdjkuerfwshxummnvekxzun99e3k7mf0qqsyyg7y3vx65xm4l6n4wns3wjj08htwswvt7r4du2e73tk9099gqzq82dzp2