[nybble41]

In this case authentication is provided through a shared secret (the room name). An arbitrary MitM wouldn't know the room name since the connection to the server is also encrypted. Unfortunately this isn't much of a secret, since the server also knows the room name, but it's a start. There is an open issue to add password-protected rooms which would fix that problem.

[Andrew_nenakhov]

In most e2ee threat models the biggest source of threat is the server that mediates the data exchange. Other threats are sufficiently thwarted with TLS, so ... ... these Briefing guys should better bring on these password protected rooms if they want to put this end to end encryption claim on their website.