Nadim Kobeissi: > OKAY! > I just came back from a long, incredibly intense dinner with Jacob, Ian > Goldberg and a few other people. Believe it or not, we have actually > managed to agree on a conversation model that both answers the concerns of > people like Jacob while remaining easy to use and accessible! Hard to > believe, but we actually came to it.
It was a good discussion. > > *A non-technical, one paragraph summary: *There will be no logins. Instead, > you will enter a chat room just like the current Cryptocat. Inside the > room, you can either have a group conversation (via mpOTR) or start private > conversations with individual members (via OTR.) Clicking on each chat > member opens a separate tab in which a conversation may be maintained. To be clear - this means that Cryptocat won't change much from a user's perspective. It won't have new legal issues or data retention requirements. > > As I hope you'll agree, this model is indeed simple, and yet the inner > workings are actually very interesting, innovative and promise some cool > security properties. Jacob and I are in the process of writing a formal > description that we hope to post soon. > We'll open a bug about it. > Issues such as browser plugins/web versions were comparatively barely > discussed. But this is still an excellent issue to be resolved. A lot of > progress was made today! I also want to say that I strongly appreciate the > conversation being had here. My personal view is that browser plugins > should definitely be the main form of delivery for Cryptocat 2. I believe > the debate is still open on whether a "demonstration" web version should > exist. If it does, however, I must stress that it will be very minimal, and > chock-full of blaring, inescapable warnings everywhere. I think the best warning would be to tell others that the user has made that security choice. But I think this is hard to get right as it might encourage people to attack those users to get at the "more secure" users. This is a good thing to talk about at Toorcamp, I bet. All the best, Jake _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech