[Standards] Disappearing timers for OMEMO proposal

Alexander Krotov ilabdsf at gmail.com
Fri May 11 00:05:44 UTC 2018


On Thu, May 10, 2018 at 02:31:27PM +0200, VanitasVitae wrote:
> Am 10. Mai 2018 14:24:47 MESZ schrieb "Remko Tronçon" <remko at el-tramo.be>:
> >I don't see why a XEP for data retention hints needs to be tied to
> >other XEPs like
> >OMEMO, though.
>
> I'd also rather not tie it to OMEMO. The same principle of
> disappearing messages could also be applied with other crypto in
> mind, or even no crypto at all. Remember, this functionality is not
> designed to give you any (serious) security improvements. Its rather
> a function which teenagers find neat and which was implemented in
> Signal for some reason.

Disappearing messages without end-to-end encryption and forward
secrecy are useless at best. They give the user false sense of
security. That is why Telegram implements timers for "secret" chats
only I believe, as I said in the first message.

The function you are talking about ("a function which teenagers
find neat") is not what I described in the first message. I
specifically stated that implementing "snapchat" is a non-goal.
This function works only if message contents is never distributed
outside the small trusted group of users.

Use case I have in mind is when the contents of your device is
leaked some time later after *private* conversation. Forward secrecy
alone does not help if message contents is retained. There is no
reason to securely delete old keys if you retain plaintext message
on the same device.

I will try to describe it as clearly as possible in the "Use Cases"
section. As all previous discussions on disappearing messages (this
list, GitHub, etc.) show, it is always the source of confusion.


More information about the Standards mailing list