Hi,
>> On 2 Oct 2016, at 12:21, Tobias Markmann <tmarkm...@googlemail.com> wrote:
>>
>> * How does this relate to other standardization efforts? (You already
>> mentioned olm, there's also OMEMO which is currently gaining some
>> traction.)
>
> OMEMO is currently being adjusted to use Olm instead of Signal, so that it
> will be more implementation and standardization friendly [1], and will
> probably be standardized by the XSF afterwards.

For those not familiar: Olm is an independent implementation of the Double
Ratchet algorithm based on the original sketch by Trevor & Moxie, written in
C/C++14 by the Matrix.org team. It's released under the Apache 2.0 license at
https://matrix.org/git/olm, and we've published a formal spec for it at
https://matrix.org/docs/spec/olm.html. Olm is independent of the actual
messaging protocol (eg it's used fine for both Matrix and XMPP/OMEMO). We've
spoken at length to Moxie about Olm, and understand that he is fine with an
independent liberal-licensed implementation as long as we make it abundantly
clear that it's nothing to do with Signal, or Signal protocol, and is just a
double ratchet impl.

Separately, Megolm is a new ratchet we've designed specifically for the problem
of handling group conversations with selectively shareable history for syncing
between devices. It's also included in libolm, and the formal spec is at
https://matrix.org/docs/spec/megolm.html. Megolm is very new (less than a month
old), although it's being beta'd in https://riot.im/app currently. It uses Olm
to exchange the group ratchet state between participants.

Olm (and megolm) are currently being audited by NCC Group as part of a publicly
released audit (which has already shown up some stuff we need to address; eg
whether Olm prekeys should be signed and whether Megolm sessions suffer from
replay attacks). We were going to hold off making a big announcement until the
audit's done and we've fixed the thinkos, but I guess this thread preempts that
:)

Obviously we are very interested in Olm (and perhaps Megolm) being usable as an
unencumbered, liberal licensed, and well-specified E2E protocol for the
purposes being discussed here. However, we've been too busy building it and
shipping it in Riot to get stuck into standardisation stuff yet! We would
certainly like to be part of a BOF discussion though :)

Matthew
--
Matrix.org
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging