Hi Filippo - this is a very good point. What would be the most karmic mode right now for authenticated crypto? ChaCha20+Poly1305? I mean, we have a blank slate..
Replying to @PowerDNS_Bert @FiloSottile
Hmm, I was under the impression you were opposed to end to end encryption because it prevents monitoring of end user activity by network administrators? (This is from a recent discussion of DoH)
Replying to @taviso @FiloSottile
I am not - I am very much in favour of offering people encrypted end to end communications. I am also very much in favour of network operators being able to have visibility in what the equipment on their networks is connecting to. These are different things. 1/2
Not every network is a zone where anything should be possible & unobservable at all times. If you make it so that your technologies turn every network into a free for all, expect (enterprise) network operators to escalate. 2/2
Replying to @PowerDNS_Bert @FiloSottile
I see, how would you implement your philosophy on this topic for a messaging protocol? Encrypted messaging, but cleartext metadata? (fwiw, we disagree on this topic, just trying to understand your viewpoint)
Replying to @taviso @FiloSottile
Does Google do any monitoring through its networks? Or have you found a way to do it all on the endpoints? Because this is the big issue - can you somehow influence and monitor what devices can do from the network or not. 1/2
Regarding the end-to-end instant messaging, in my world, enterprise network operators may decide that they won't offer that to their employees on their network, and that they'd be able to study attempts to circumvent this. This is a choice I'm hoping they'd be able to make. 2/2
Replying to @PowerDNS_Bert @FiloSottile
That is quite a difficult answer to parse, if I understand correctly, you're saying you'll support end to end encryption in the same way that POP3 supports end to end encryption - i.e. you won't stop people using PGP over it?
Replying to @taviso @FiloSottile
So from a corporate setting, you would for example still see large PGP messages leave the company. You'd be very interested in that. But let us get back to my other question: do you see value in monitoring things from the network? Or should you just ignore that?
Replying to @PowerDNS_Bert @FiloSottile
I don't really want to debate that, but rest assured I understand your argument and the "going dark" thing. I just wanted to understand how your views on this topic will influence the messaging protocol you're proposing, I'm not saying it's good or bad.
e.g. "We will implement default-on end-to-end encrypted messages, but we're opposed to default-on encrypted metadata, such as recipients, attachment names, links, etc", I'm not making a judgement call - but I do think it should be clearly documented - this is important to people.
Replying to @taviso @FiloSottile
Good points. I only involved myself in the encryption discussion today - this is from another department of the company. DoH is my game. Will figure it out.