In which I export this picture and discover that Lightroom now supports C2PA, so I dig into the feature and tools; there is real high-value progress here, but also problems: https://www.tbray.org/ongoing/When/202x/2024/10/29/Lane-Provenance

timbray@cosocial.ca

In which I export this picture and discover that Lightroom now supports C2PA, so I dig into the feature and tools; there is real high-value progress here, but also problems: https://www.tbray.org/ongoing/When/202x/2024/10/29/Lane-Provenance

I think this is important stuff.

#photography #provenance #DigitalSigning

jyasskin@hachyderm.io

@timbray Could you figure out where they're doing the signing, and what input that process gets? To be secure, the signing key has to be on their server, and the server has to verify that all the edits it's attesting actually produce the output image, but it looks like you're requesting this signature from a local application.

eeeps@front-end.social

@timbray Have you looked at the identity assertion stuff that's been proposed, simultaneously with the "Creator" assertion being removed from the core spec in C2PA 2.0? I still haven't wrapped my head around it. https://creator-assertions.github.io/identity/1.1-draft+ica-overview/ cc) @scouten

timbray@cosocial.ca

@eeeps @scouten Hmm. I really find the C2PA community conversation hard to follow, they have a lot of super specialized language. Someone needs to write a human-readable discussion of what's going on.

timbray@cosocial.ca

@jyasskin Hmm, Lightroom works by recording a set of edits against the original bits, which remain untouched. If I were implementing this I’d call back from Lr to SomeApi.adobe.com with the list of edits, to get the signature. The risk, of course, is attacker software that impersonates Lr. That would be possible in principle, but difficult enough that the $5 wrench technique would probably be a better choice?

luis_in_brief@social.coop

@timbray this is important, or at least potentially important stuff; thanks for continuing to report out on it.

brooke@bikeshed.vibber.net

@luis_in_brief @timbray aaaahhh i think i get it now... this is like signing git commits -- it doesn't prove your image/patch was "good" or "not evil" but you can follow the provenance chain from where you signed it on down, and allow general reputation management to be reasoned about a bit

I'm not 100% convinced on git commit signing either but I can see possible usefulness there.

Neat!

luis_in_brief@social.coop

@brooke @timbray yeah, it’s “just” provenance but that’s potentially a very big thing—if it gets baked into a lot of tools and then into user expectations.

Or it could just be another thing that further bifurcates digital elites from normies.

Or could go nowhere at all.

brennen@federation.p1k3.com

@luis_in_brief @brooke @timbray my honest expectation is that last thing, but i guess i'm glad somebody's making the attempt.

timbray@cosocial.ca

@brennen @luis_in_brief @brooke It's just not “somebody”, check out the list of boosters: https://contentauthenticity.org