We need transport e2e encryption of at least the RevealSecret Message as of #473. Please provide requirements/feedback/opinions/additions in this issue to move it forward.
After discussion with @ulope we came up with two ways of approaching this:
1. Use Matrix libolm library

   Ups:
   - We don't need to build it
   - We don't need to maintain it

   Downs:
   - Coupling with Matrix
   - We rely on Matrix's security

2. Transport-agnostic encryption with TLS

   Use a public room/endpoint registry for Matrix/UDP to publish an X.509 signed by an address to establish a TLS connection between two nodes.

   Ups:
   - No coupling with Matrix
   - TLS is battle-tested

   Downs:
   - We have to build it
   - We have to maintain it