Conversation

Notices

1. Embed this notice
   Delta Chat (delta@chaos.social)'s status on Tuesday, 21-Jan-2025 03:17:56 JST Delta Chat

   Much of what is commonly said about #email and #openpgp is wrong. It can very well be fast and secure and that's a claim backed by working code and deployments and audits (#chatmail servers and the #deltachat family of apps). There is no both-sides-have-opinions game to be played here. Internet-scale messaging alternatives are arguably either centralized or brittle. There is however much room for further improvements including deep changes in how we commonly understand email today. Stay tuned :)

   • Embed this notice
     Martin Schmitt #NochNieCDU (unixtippse@mastodon.online)'s status on Tuesday, 21-Jan-2025 03:18:36 JST Martin Schmitt #NochNieCDU

     in reply to

     • me

     @delta @me Crosspoint had PGP-encrypted email subjects in what must have been 1992 or 93. 🤔

     feld likes this.
   • Embed this notice
     Delta Chat (delta@chaos.social)'s status on Tuesday, 21-Jan-2025 03:18:37 JST Delta Chat

     in reply to

     • me

     @me subject lines are encrypted with delta since 2018 ;) for more info see https://delta.chat/en/help#message-metadata and the whole section around encryption.

   • Embed this notice
     me (me@social.jlamothe.net)'s status on Tuesday, 21-Jan-2025 03:18:39 JST me

     in reply to

     @delta to be fair, PGP doesn't encrypt metadata (including the subject line) and lacks perfect forward secrecy.

     Still it's better than nothing.

   • Embed this notice
     Delta Chat (delta@chaos.social)'s status on Tuesday, 21-Jan-2025 03:19:27 JST Delta Chat

     in reply to

     • me
     • Martin Schmitt #NochNieCDU

     @me @unixtippse signal also doesn't have "sealed recipients": When a client sends a message signal server knows precisely who are the recipients including their verified phone numbers.

     feld likes this.
   • Embed this notice
     me (me@social.jlamothe.net)'s status on Tuesday, 21-Jan-2025 03:19:29 JST me

     in reply to

     • Martin Schmitt #NochNieCDU
     @unixtippse @delta I'm actually surprised about that. That said, the perfect forward secrecy bit remains. Also, it doesn't do anything to mask who you're communicating with (which is admittedly difficult to do).
   • Embed this notice
     Delta Chat (delta@chaos.social)'s status on Tuesday, 21-Jan-2025 03:19:40 JST Delta Chat

     in reply to

     • me
     • Δж3

     @ax3 @me we may eventually return to the topic of forward secrecy ... it is doable but details matter which we won't discuss much here. Please do note that up until today, nobody has come up with federated PFS protocols in real life messengers that would be as reliable as Signal. For now, PFS means centralization and that's a very high price to pay.

   • Embed this notice
     Δж3 (ax3@wizard.casa)'s status on Tuesday, 21-Jan-2025 03:19:41 JST Δж3

     in reply to

     • me

     @me @delta perfect forward secrecy while nice to have, i think will depend on your threat-model. if someone has a hold of my device it's already over and i have bigger problems.

     the metadata i feel is threat-model specific. i'm okay with someone knowing my deltachat email is bld3jjasdjjhf@rando.server.today it's still somewhat of an abstraction

     feld repeated this.