Re: [Standards] OMEMO Discussion Summary 2017

2017-06-28 Thread Vanitas Vitae
Hi! In my recent GSoC blog post I included a small overview of the OMEMO discussion and available options for future development. I thought this might help someone who did not follow the discussion the past weeks. Note: The post contains my personal opinion :)

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-24 Thread Remko Tronçon
On 22 June 2017 at 09:48, Daniel Gultsch wrote: > Questions for OMEMO-NEXT for the new author to collect feedback on. > (Each of them deserves it's own thread) > Another category of questions that I think need to be added to that list is around key exchange and trust, bearing

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Vanitas Vitae
Hi Dave :) Am 22.06.2017 um 00:03 schrieb Dave Cridland: > With OX dead in the water, that leaves MIKEY-SAKKE, for the enterprise > and (UK) government, and OMEMO, for the consumer. > > It's mildly annoying to have two entirely incompatible crypto > protocols, but in fairness they're two almost

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Daniel Gultsch
OK. Let's move on then. It seems like people are mostly fine with The Compromise™. Council will vote on publishing my PR as OMEMO version 0.3 next week. And I currently have no reason to expect that it will get vetoed. Afterwards we need to decide on a new author for the XEP to drive the change

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Florian Schmaus
On 22.06.2017 08:45, Chris Ballinger wrote: > Unlike most of those things you've mentioned, SignalProtocol (the > protocol and reference libraries) has been extensively studied, audited, > and widely deployed to billions of mobile devices. Other than Signal > itself (a few million users), it's in

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Dave Cridland
On 22 Jun 2017 07:48, "Chris Ballinger" wrote: Unlike most of those things you've mentioned, SignalProtocol (the protocol and reference libraries) has been extensively studied, audited, and widely deployed to billions of mobile devices. Other than Signal itself (a few

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Dave Cridland
On 21 Jun 2017 23:53, "Peter Saint-Andre" wrote: On 6/21/17 4:03 PM, Dave Cridland wrote: > On 21 June 2017 at 15:35, Tobias Markmann wrote: >> Here my long overdue summary of recent OMEMO discussions. Feel free to point >> out errors and what not.

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-22 Thread Chris Ballinger
Unlike most of those things you've mentioned, SignalProtocol (the protocol and reference libraries) has been extensively studied, audited, and widely deployed to billions of mobile devices. Other than Signal itself (a few million users), it's in WhatsApp (1.2 billion users), Facebook Messenger

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Peter Saint-Andre
On 6/21/17 4:03 PM, Dave Cridland wrote: > On 21 June 2017 at 15:35, Tobias Markmann wrote: >> Here my long overdue summary of recent OMEMO discussions. Feel free to point >> out errors and what not. > > The only thing I'd add is a little history. I might wax a little >

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Dave Cridland
On 21 June 2017 at 15:35, Tobias Markmann wrote: > Here my long overdue summary of recent OMEMO discussions. Feel free to point > out errors and what not. The only thing I'd add is a little history. I might wax a little cynical in this. When I started working with XMPP

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Daniel Gultsch
2017-06-21 19:02 GMT+02:00 Remko Tronçon : >> I somehow got the feeling that some people on this mailing list actually >> don't want the OMEMO standard to evolve, when it does not include the >> changes they want. > > > I agree, I get the same feeling. In case you two are not

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Sam Whited
On Wed, Jun 21, 2017 at 11:30 AM, Ignat Gavrilov wrote: > We might release some of our non-libsignal-based development later this year > as open-source, but I bet it will be GPL licensed and not under one of those > "make money with third-party software and run

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Kevin Smith
On 21 Jun 2017, at 18:03, Daniel Gultsch wrote: > > 2017-06-21 18:58 GMT+02:00 Daniel Gultsch : >> I think the meaning of that compromise is overstated. >> The main reason for doing this is that we have a stable version which >> can be addressed and linked

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Sam Whited
On Wed, Jun 21, 2017 at 12:03 PM, Daniel Gultsch wrote: > I'm open to comments on whether people think hosting it in the attic > or on my own web space is the better idea here. I certainly think it would be better to have it somewhere "official" (in the XSF's webspace). I do

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Remko Tronçon
Hi Ignat, I somehow got the feeling that some people on this mailing list actually > don't want the OMEMO standard to evolve, when it does not include the > changes they want. > I agree, I get the same feeling. > As it seems to be the "compromise" to not evolve OMEMO in the near future > and

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Daniel Gultsch
2017-06-21 18:30 GMT+02:00 Ignat Gavrilov : > I somehow got the feeling that some people on this mailing list actually > don't want the OMEMO standard to evolve, when it does not include the changes > they want. > > Even though the Andy's ODR proposal is not

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Ignat Gavrilov
Hi, I'd like to add a comment here (my final one). I somehow got the feeling that some people on this mailing list actually don't want the OMEMO standard to evolve, when it does not include the changes they want. Even though the Andy's ODR proposal is not generally in conflict with the

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Kevin Smith
On 21 Jun 2017, at 15:47, Peter Saint-Andre wrote: > > Thanks for the summary, Tobias! > > On 6/21/17 8:35 AM, Tobias Markmann wrote: > > >> With that, the media and client developers can point to the version of >> XEP-0384 that is currently widely implemented and the XSF

Re: [Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Peter Saint-Andre
Thanks for the summary, Tobias! On 6/21/17 8:35 AM, Tobias Markmann wrote: > With that, the media and client developers can point to the version of > XEP-0384 that is currently widely implemented and the XSF community is > free to improve the end-to-end security standard OMEMO in XEP-0384 >

[Standards] OMEMO Discussion Summary 2017

2017-06-21 Thread Tobias Markmann
Hi, Here my long overdue summary of recent OMEMO discussions. Feel free to point out errors and what not. Cheers, Tobi Overview The OMEMO protocol [0, 1] aims to bring end-to-end security to XMPP. It is currently based on the Signal [2] protocol. At its core it is based on