* Bartosz Małkowski <bmalkow...@tigase.pl> [2015-01-26 07:58]:
> https://blog.thijsalkema.de/me/blog//blog/2015/01/23/multi-end-to-multi-end-encryption/

This is a great writeup. Having multi-device end-to-end encryption
with offline storage will significantly improve the security and
usability of XMPP for normal people.

I'd like to add some more points to the discussion though:

a) it is important to allow security-conscious people to actually check
the security properties, so the list of devices/keys/fingerprints needs
to be exposed to power users, plus additional information messages when
the list is extended.

b) a protocol/approach for adding devices to the list needs to be
created, maybe deploying some kind of cross-signing between one old and
the new device?

c) it would be great to leverage this to secure file transfers / uploads
as well as media streams.

d) multi-device end-to-end encryption can also elegantly solve the MUC
security problem. Let's do it so.


Georg
-- 
|| http://op-co.de ++  GCS d--(++) s: a C+++ UL+++ !P L+++ !E W+++ N  ++
|| gpg: 0x962FD2DE ||  o? K- w---() O M V? PS+ PE-- Y++ PGP+ t+ 5 R+  ||
|| Ge0rG: euIRCnet ||  X(+++) tv+ b+(++) DI+++ D- G e++++ h- r++ y?   ||
++ IRCnet OFTC OPN ||_________________________________________________||

Attachment: signature.asc
Description: Digital signature
