New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

E2E encryption #30

Closed

t-mullen opened this issue Apr 14, 2017 · 1 comment

Labels

feature wontfix

Member

t-mullen commented Apr 14, 2017 •

edited

Loading

Everything is encrypted with WebRTC and WSS, but the server can see the key exchanges in the WebRTC case and the content in the WSS case.

Would be neat if you could specify a shared key along with your room and have everything encrypted.

Backlog because web crypto is useless without something like hyperboot (if even then), and that would need to be opt-in and so more complicated.

Basically, if you trust the server, you are fine and this isn't needed.

t-mullen added backlog feature labels

Member Author

t-mullen commented Sep 16, 2017

Impossible. Run your own server if you don't trust the public one.

https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/august/javascript-cryptography-considered-harmful//

t-mullen closed this as completed

t-mullen added wontfix and removed backlog labels

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment