@eapl.me@eapl.me When it is up and running, I promise to add it to the specification. I will also include some corrections.
The nature of twtxt does not allow us to selectively hide clients. It’s a problem not with DM, but with any extension.
@prologic@twtxt.net Yes, it is a security hole. All dm-echo messages are readable. I intend it to be a debugging tool. Maybe I can include a warning message. If many of you see that it is a serious problem, I can remove the links.
@xuu@txt.sour.is It’s already much better than Mastodon :P . Maybe we can remove the sender and receiver references with an intermediary register.
@andros@twtxt.andros.dev maybe create a separate, completely distinct feed for DM? That way, clients do not need to do anything, only those wanted to “talk in private” follow themselves, using their very special dm-only.txt feeds. 😂
@andros@twtxt.andros.dev Ahh I see 👌
@prologic@twtxt.net Yes, it is a security hole. All dm-echo messages are readable. I intend it to be a debugging tool. Maybe I can include a warning message. If many of you see that it is a serious problem, I can remove the links.
I think that having a dm-only.txt, twtxt-dm.txt or any other name for an alternative file is the most sensible approach. The name could be specified in the metadata.
@prologic@twtxt.net @bender@twtxt.net @eapl.me@eapl.me I think opening another file is a bad idea because it adds complexity to the clients, breaks the single feed and I think keeping legacy clients will be more complex to add new features in the future. A modern approach is important.
I’ll be honest, I’m a bit tired of the fight around the direct message. Perhaps, we can remove it as an extension and use the alternative @prologic@twtxt.net . My suggestion apparently doesn’t like to the community. I have no problem with remove it.