01:28 <ocdtrekkie> TimMc: It worked well for me. The issue with the old one was kinda hit or miss, so it's hard to test.

01:29 <ocdtrekkie> draw.io now actually has someone pushing updates for their Sandstorm app, I think, so try it, and let them know!

06:30 <ill_logic> TimMc: Right. I don't like that they offer it. That's what irks me about it.

06:32 <ill_logic> ocdtrekkie: Ah, okay. So basically I won't have my Twitter handle shown on the Marketplace or what have you?

06:32 <ill_logic> But I can still use GPG to prove continuity.

06:32 <ill_logic> (Though, I don't see the point, since there's the app private key in my keychain)

09:05 <hannes[m]> can i use the electron client of rocket chat with the sandstorm version of it?

09:08 <hannes[m]> using the webkey i get "Auth needed, try username:password@host" :(

16:12 <isd> hannes[m]: https://github.com/RocketChat/Rocket.Chat/issues/1352

16:12 <isd> short answer, not right now.

16:12 <isd> Someone asked this on the mailing list a couple weeks ago

16:18 <isd> On that note, does anyone know how well rocket.chat scales? How many users can be using a grain before it starts to seriously degrade?

16:18 <isd> dwrensha, kentonv: ^

16:31 <ocdtr_web> ill_logic: Yeah, there won't even be an author name on the app market page if there's not a Keybase entry for the key, IIRC.

16:33 <ocdtr_web> But people can still see the key and manually verify it's the same as a public key you have elsewhere. And I believe you can submit entirely without a key, but again, people will not see who published the app, and hence will not know if they can trust it. Theoretically.

18:54 <Zarutian> ocdtrekkie: trust the app with what?

19:39 <mxn-> d

21:40 <ocdtr_phone> I would assume people would tend to trust apps with a signed author more than apps without. But of course, one security goal of Sandstorm is to make it possible to host and use fundamentally untrustworthy apps.

21:41 <TimMc> I wonder if apps can cause arbitrary DNS lookups to occur.

21:41 <TimMc> That's a slow (and noisy) but effective way to exfiltrate data.