[buboard]

> "host" hasn't been a host in a long time,

Does SXG make this better or worse?

> ensures that it was created using the private keys

signing at the server ensures that it was created using the key AND served from a host they control. How is that not better?

> you can't represent your content

wouldn't the server sign all http responses by default? all you would need to do is upload a file

[danans]

> wouldn't the server sign all http responses by default? all you would need to do is upload a file

No, the content has to be signed when it is created, in the content management system or similar content creation tool, not when the server sends it. The content management system itself must have strong controls on it (ACLs, controlled user accounts, protected private keys stored only on encrypted and access controlled media, regular audits, etc).

Basically the server itself is no longer trusted as the arbiter of content authenticity, the actual content creator is. Concretely, when the editor at a publication approves an article after reviewing it, it is signed for delivery at the moment of publication, not at the moment that the request is served.

[buboard]

so that means i can sign a page on the editor's computer, take it with me and serve it to amp from my website? that sounds even more dangerous tbh. it delegates security from people who may know a little bit about it (web hosts) to people who likely know nothing about it (writers)

what happens if someone's key is stolen and they need to re-issue it? All the previously published copies are now invalid?