[qrmn]

XML was probably a mistake. Strong, deniable, end-to-end encryption should be mandatory. The Axolotl ratchet is the current state-of-the-art: maybe it does asymmetric things we don't need, or maybe that's helpful.

Looking forward: metadata protection. This is a much more difficult-to-solve problem, but existing tools such as Tor are partially successful.

[JoshTriplett]

> Strong, deniable, end-to-end encryption should be mandatory.

Strong end-to-end encryption with perfect forward secrecy should be mandatory. Deniable authentication (https://en.wikipedia.org/wiki/Deniable_authentication), however, seems like a potentially interesting option but not one that the protocol should mandate. Sometimes you do want authentication that remains valid after the conversation ends, so you can subsequently authenticate the messages in it.

[lambau]

Pond uses Tor for metadata protection. Vuvuzela is another recent messenger that protects metadata.

[andrewflnr]

It you need that, why wouldn't you just tunnel your new protocol over Tor?

Edit: metadata protection, I mean. I'm not disputing the need for encryption.