[Summit] e2e encryption

Peter Saint-Andre - &yet peter at andyet.net
Thu Feb 5 17:29:12 UTC 2015


On 2/5/15 4:11 AM, Winfried Tilanus wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 02/05/2015 10:48 AM, Bartosz Małkowski wrote:
>
> Hi,
>
>> Did you have a discussion about e2e encryption? Any conclusions?
>
> We did have a short discussion, but main conclusion was that we need
> to make a step on place first: We don't have a clear picture what use
> cases and attack models we want to cover with e2e encryption. We just
> don't know good enough what problem we want to solve.

That's where we always end up. :-)

This document was intended to help and might provide a good starting point:

http://www.ietf.org/archive/id/draft-ietf-xmpp-e2e-requirements-01.txt

Last night I was chatting with Ralph Meijer about e2e encryption, and I 
suggested that we need to make a plan. IMHO we won't make significant 
progress until we have a critical mass of client developers on board. So 
I think we might want to:

1. Get those developers to show up at FOSDEM 2016 and pay for them to be 
there if necessary.

2. Work *hard* on coming to a rough agreement between now and then.

3. Spend FOSDEM / Summit writing code, testing, and hashing out 
technical details.

Peter

-- 
Peter Saint-Andre
https://andyet.com/


More information about the Summit mailing list