[Ideas] "Public" Group Invites and the Server UI #253

Open
opened 4 years ago by sarah · 0 comments
sarah commented 4 years ago
Owner

Right now, group invites are assumed to be sent via private channels (since they contain a key). Ideally they are exchanged over either the secure online peer channel or via some other secure out-of-band channel.

This obviously doesn't work for more public groups (including our alpha group), and thus they inherit far weaker security properties.

It would be nice to provide a way to signal this, either as part of the invite or in general.

The risks with public groups are mainly that the server hosting the group "discovers" the (public) key, can decrypt the messages (and thus censor, etc). There really isn't any way around this and it effectively devolves the cwtch group to have the same properties as any other centralized exchange.

I think in the future we should encourage public groups to be hosted on a standalone server (probably utilizing Erinn's new Server UI work), where we can also provide a nicer invite interface (much like Discord's invite flow).

This properly spells out the risks of public groups (you are trusting the server not to actively censor you), while also expanding the number of potential cwtch servers private groups can potentially use.

Reference: cwtch.im/cwtch#253