|
|
|
|
|
|
by vetinari
1923 days ago
|
|
|
> if you are part of a chat, any participant can send you the history of the chat. Re-sending parts of the chat kind of removes the guarantees of the secret chat (just like backups defeat the purpose of e2e). These apps have also expiring and non-screenshotable messages, you don't want to resend that. Ideally, all messages sent should be only decryptable by given set of keys (i.e. one key for each device used by each party of the chat; or, depending on the size of the message, ephemeral key used for message encryption, decryptable by each device that is supposed to receive it). Now the key distribution is the non-solved part. |
|
|
Now, secret chats don't necessarily mean "this message can only be read by one device". To answer your second paragrah I disagree: a message shouldn't be sent to a given set of keys but to a given set of participants. Each participant may have one or more devices and should be able to read messages whatever way they want.
Also key distribution is "solved" by not counting on the user to do it but doing it for them: see what Matrix, Signal, Deltachat, XMPP (OMEMO) and probably others are doing.