End to End Encryption SIG - 2021-09-20

you know of this WG right? https://datatracker.ietf.org/group/mls/about/ It's about creating a standart for message encryption in groups their MUC: xmpp:mls@jabber.ietf.org?join

another one?

nice thing about standards

they hope to reach interoperability.

like OTR?

L29Ah: MLS is designed to be agnostic over the chat protocols in use and instead defines terminology and features in a high-level way.

so like OTR

I guess? I haven't looked much at OTR

But MLS is specifically designed for reasonable big group chats in the style of Matrix' megOlm. And at least the OTR that I used didn't really do that whole more than two party all that well :)

The worst outcome anyway is that it ends up like SASL where everybody implements it by hand anyway and then only does the subset of features they specifically want meaning stuff isn't interoperable again. The best outcome is it ends up like TLS where just about everything that's vaguely stream-orientated can now be transport encrypted with very little efford on the developers part and as a result of MLS being that way almost all chat is now fully e2ee. ✏

Originally the MLS folks planned to design MLS such that it would work cross-protocol, but I believe thats no longer a high-priority goal for them

Cross-protocol support would have been awesome though

Imagine e2ee cross bridges

Well its still possible if I haven't misread the spec. The bridge has to translate a few things between hither and yonder but it doesn't have to MITM the encryption

Well, there is no common message format (apart from some old rusty thing called XMPP)