[upon_drumhead]

> I built a bare bones version of KittyCal for my partner and myself because we wanted a private calendar

I understand how this is a private calendar for you, the author, but can you expand on how it's a private calendar for the rest of us?

Can you just read our content?

[martin_dd]

Good point. I can read your content but I promise I won’t.

[d1sxeyes]

If you want to develop further on this, you could offer some kind of E2EE version where you generate a shared secret (and use the QR code for sharing), and each device can use that to encrypt and decrypt the calendar information. You would have no knowledge of the content because the shared secret is generated on-device and never sent to the back end.

Drawback is that then you need to make some decisions about whether you encrypt the metadata (i.e. the times and durations of the event) or not. If you don't, well, [metadata is data](https://ssd.eff.org/module/why-metadata-matters). If you do, then the clients have to fetch everything from the server and any display/filtering/etc need to be done on the client. It's not impossible, you could look at some kind of syncing database like PouchDB, for example, but it adds complexity.

[ramon156]

I think I know enough, no hate but I expected a local-first solution