@eapl.me@eapl.me You asked me for private keys for testing purposes. I have added it to the bottom of this page: https://dm-echo.andros.dev/
It will soon be running. It won’t be long now.

@andros@twtxt.andros.dev Q: Why would you publish the private key? Hmmm 🧐

@andros@twtxt.andros.dev doesn’t this defeat the point of public cryptography?

@prologic@twtxt.net twtxt DM is not a serious DM protocol.

@eapl.me@eapl.me When it is up and running, I promise to add it to the specification. I will also include some corrections.
The nature of twtxt does not allow us to selectively hide clients. It’s a problem not with DM, but with any extension.
@prologic@twtxt.net Yes, it is a security hole. All dm-echo messages are readable. I intend it to be a debugging tool. Maybe I can include a warning message. If many of you see that it is a serious problem, I can remove the links.
@xuu@txt.sour.is It’s already much better than Mastodon :P . Maybe we can remove the sender and receiver references with an intermediary register.