Email or username:

Password:

Forgot your password?
All posts Delta's posts Post Back to profile
Top-level
Janik Besendorf
11 comments
crepererum

@besendorf @delta which under the thread model "key gets leaked" is mostly irrelevant if you don't regularly delete your messages, because if your key gets leaked, it's likely that your device was compromised and the attacker can also read your stored messages (both incoming and outgoing).

Signal offers "disappearing messages", but not many people use it and many other chat apps don't offer similar features.

13 April at 9:26 | Open on mastodon.online
Benjamin Kwiecień 🇵🇸

@crepererum @besendorf @delta I use disappearing messages all the time

13 April at 9:54 | Open on kwiecien.us
Delta Chat

@ben @crepererum @besendorf even if PFS would become part of delta chat e2ee (it is for transport encryption already) it's just one concern out of many and the "but email!" folks would pull out a new obstacle likely :) Besides,
PFS has serious implementation/complexity and multi-device usability repercussions so for now it's not a focus. Meanwhile securejoin.readthedocs.io allows delta users to have guaranteed e2ee even if the servers and intermediate nodes are compromised so there is that.

13 April at 11:32 | Open on chaos.social
Benjamin Kwiecień 🇵🇸
DELETED

@ben @delta @crepererum @besendorf

> PFS has serious implementation/complexity and multi-device usability repercussions so for now it's not a focus.

as a technical (sysadminish) end user, this is my main feeling about the tradeoff of PFS and why i support delta not having it.

signal succeeds with walled environment. I came to delta from snikket, where PFS is enabled but when it fails, group chats break. troubleshooting isn't feasible because all errors are client side, so its a showstopper

13 April at 13:19 | Open on social.coop
crepererum

@stillgreenmoss @ben @delta @besendorf FWIW both "group chats + FS" and "open protocol" are now solved by MLS ( datatracker.ietf.org/doc/html/ ). I think the issue of most chat-oriented protocols is that they don't map to "email" very well, since emails are basically "fire and forget", so key exchanges are harder/slower.

15 April at 14:01 | Open on mastodon.online
DELETED

@crepererum @ben @delta @besendorf this is super interesting. I didn't know about this RFC or effort. Wikipedia entry suggests it's not in use in any end user applications yet, do you know if that's true?

15 April at 14:16 | Open on social.coop
crepererum

@stillgreenmoss @ben @delta @besendorf The RFC was rather recent and I'm not aware of any end-user apps at this point.

15 April at 14:18 | Open on mastodon.online
Delta Chat

@crepererum @stillgreenmoss @ben @besendorf OpenMLS is an almost decade- long effort with the IETF work starting in 2018. We have studied it and are following developments but one known big issue is its dependency on "total message ordering" which can not be easily obtained in federated settings. Several people, including Matrix folks, have tried to remedy it but we do not know of any practical solution to make OpenMLS work reasonably well for non-centralised settings.

16 April at 7:58 | Open on chaos.social
crepererum replied to Delta

@delta @stillgreenmoss @ben @besendorf I wonder what @raphaelrobert 's PoV is here. Are there plans to lift "total message ordering" requirement?

16 April at 8:32 | Open on mastodon.online
Raphael Robert replied to crepererum

@crepererum @delta @stillgreenmoss @ben @besendorf I can say that MLS works well in a federated environment. Federation has always been part of the picture during the design phase. The fact it doesn’t work in Matrix yet is a Matrix problem, not an MLS problem. MLS is part of the (newish) federated MIMI spec and it also works in our stack. Of course it’s still early days for MLS, but it’s already deployed by e.g. Cisco Webex.

16 April at 9:49 | Open on mastodon.social
Go Up