Labels Milestones

New Issue

[Ideas] "Public" Group Invites and the Server UI #253

Open

opened 4 years ago by sarah · 0 comments

sarah commented 4 years ago

Owner

Right now, group invites are assumed to be sent via private channels (since they contain a key). ideally they are exchanged over either the secure online peer channel or via some other secure out-of-band channel.

This obviously doesn't work for more public groups (including our alpha group), and thus they inherit far weaker security properties.

It would be nice to provide a way to signal this, either as part of the invite or in generally.

The risks with public groups are mainly that the server hosting the group "discovers" the (public) key, can decrypt the messages (and thus censor, etc). There really isn't anyway around this and it effectively devolves the cwtch group to have the same properties as any other centralized exchange.

I think in the future we should encourage public groups to be hosted on a standalone server (probably utilizing Erinn's new Server UI work) - where we can also provide a nicer invite interface (much like Discord's invite flow)

This properly spells out the risks of public groups (you are trusting the server not to actively censor you), while also expanding the number of potential cwtch servers private groups can potentially use.

Right now, group invites are assumed to be sent via private channels (since they contain a key). ideally they are exchanged over either the secure online peer channel or via some other secure out-of-band channel. This obviously doesn't work for more public groups (including our alpha group), and thus they inherit far weaker security properties. It would be nice to provide a way to signal this, either as part of the invite or in generally. The risks with public groups are mainly that the server hosting the group "discovers" the (public) key, can decrypt the messages (and thus censor, etc). There really isn't anyway around this and it effectively devolves the cwtch group to have the same properties as any other centralized exchange. I think in the future we should encourage public groups to be hosted on a standalone server (probably utilizing Erinn's new Server UI work) - where we can also provide a nicer invite interface (much like Discord's invite flow) This properly spells out the risks of public groups (you are trusting the server not to actively censor you), while also expanding the number of potential cwtch servers private groups can potentially use.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

fixups

master

stable-blockers

search

crForceDisconn

server-update

conversation_search

fixCR

deletecontactfix

startupbugs

font-setting

events

handleStatus

fuzzbot

code-fixes

fixpanic

autodownload

esi

eventhooks

autobindings

contactRetryDisconn

priority

createProfileAttr

serverAccept

connectionLogic

fixdeletep2

cached_tokens

indents_and_tools

go_update

protocl_engine_shutdown_fix

timeout_fixes_tokens

fixShutdown

networkAfterOnline

surface-tokens

updateDrone

thread_works

file_sharing_fixes

cbump

emitVer

cleanAndNoDupImport

filesharing-persist

mgroups

tapir-gc

winExport

perf

plugins

healthTime

parseScope

send

sendRetId

nc

import_export

state

profile_images

fastercwtch

tapir0.5

sender_side_previews

hash

1.7conn

1.6_conn

fixAcceptBlock

storage_engine_refactor

publicname

v0.24.5

v0.24.4

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.1

v0.23.0

v0.22.2

v0.22.1

v0.22.0

v0.21.0

v0.20.8

v0.20.7

v0.20.6

v0.20.5

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.7

v0.19.6

v0.19.5

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.10

v0.18.8

v0.18.4

v0.18.3

v0.18.2

v0.17.3

v0.17.2

v0.17.0

v0.16.8

v0.16.7

v0.16.6

v0.16.2

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.19

v0.14.18

v0.14.17

v0.14.16

v0.14.15

v0.14.14

v0.14.12

v0.14.11

v0.14.8

v0.14.7

v0.14.6

v0.14.2

v0.14.1

v0.14.0

v0.13.2

v0.13.1

v0.13.0

v0.9.2

v0.9.1

v0.9.0

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.12

v0.8.11

v0.8.10

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

v0.7.2

v0.7.1

v0.7.0

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.10

v0.6.1

v0.6.0

v0.5.1

v0.5.0

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.11

v0.4.10

v0.4.1

v0.4.0

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.1

v0.3.0

v0.20.4

v0.2.1-pr-1

v0.2.1-pr

v0.2.0

v0.2

v0.18.9

v0.18.7

v0.18.6

v0.18.5

v0.18.1

v0.18.0

v0.17.1

v0.16.5

v0.16.4

v0.16.3

v0.15.2

v0.14.9

v0.14.5

v0.14.4

v0.14.3

v0.14.13

v0.14.10

v0.13.3

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

Labels

Apply labels

Clear labels

applications BLOCKED bug design duplicate enhancement fixed? funding-needed help wanted infrastructure invalid payments qubes question ready-for-implementation refactor spam tapir-server testing tor wontfix

No Label applications BLOCKED bug design duplicate enhancement fixed? funding-needed help wanted infrastructure invalid payments qubes question ready-for-implementation refactor spam tapir-server testing tor wontfix

Milestone

Set milestone

Clear milestone

No items

No Milestone

Assignees

Assign users

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: cwtch.im/cwtch#253

Write Preview

Loading…

Cancel

Save

There is no content yet.