[mwest]

In theory you can use OTR[1] but I've yet to see an easy way to use this from a phone.

I remember IRC very fondly, but I feel it has a lot of baggage that makes it difficult to bring into the modern era.

This blog post (not mine) explains it quite well: https://jlu5.com/blog/im-tired-of-irc-heres-why

[1] https://otr.cypherpunks.ca/

[upofadown]

OTR doesn't do groups. So it isn't really applicable to IRC. At this point, I am not really sure that end to end encryption is generally applicable to groups. The identity management problem quickly spirals out of control. I note that Telegram doesn't even try. I think the best that can be done is a scheme that makes everyone entirely trust the moderator of the group.

[nix23]

>At this point, I am not really sure that end to end encryption is generally applicable to groups.

You encrypt the message with all the public key's from persons in the group, what's the problem? You do it the same way with Mail...aka pgp.

You don't need OTR just plain old gnupg:

https://www.gnupg.org/gph/en/manual/x110.html

[upofadown]

Each participant needs to verify each and every other participant. So for 2 participants that's 2 verifications. For 3 participants that is 9 verifications. For 4 it's 16. The square of the number of participants. With just 30 participants that works out to 900 verifications ... and who actually knows 30 people on the internet? Even if you could do the verification in a technical sense it wouldn't mean anything.

If you get a whole bunch of people together in real life for a meeting then chances are one or more of them is going to leak what happened. The problem is to a great extent inherent.

[nix23]

Man you never hear of a trust-chain? How do you think end to end encryption works otherwise?

And no you don't need to verify each other keys, since every one has his public key you obliviously trust, you just try to make an excuse for not knowing how e2e works.