On Tue, Nov 1, 2016 at 1:43 PM, Chris Ballinger <[email protected]> wrote: > I think people are overthinking this and expecting this proposal to be a > completely secure 100% guaranteed way to enforce message deletion on a > client you don't control.
I think the real problem is that *users* will think this is a "completely secure 100% guaranteed way to enforce message deletion". On Tue, Nov 1, 2016 at 2:59 PM, Dave Cridland <[email protected]> wrote: > On 1 November 2016 at 18:13, Chris Ballinger <[email protected]> wrote: >> People already have a casual understanding that you can't completely enforce >> message deletion. > > Actually, I'm really not sure that's as true as you assert. People > currently think that it requires an assertive effort on the part of > the recipient to defeat an ephemeral message timeout - because it does > in a closed ecosystem. I agree with this, and would also take it a step further and assert that users may not even think that it takes an effort to defeat an ephemeral message timeout; instead, many users will think it can't be done (or that if it is done it's some black magic hacker voodoo and is the products fault for not being "secure"). The existence of such a feature is either actively misleading, or requires explanation (which is confusing and will be skipped or ignored by most users). I'm not saying it's impossible to do this with a decent, non-misleading UX, but I've never seen it done and I suspect it would be incredibly difficult. On Tue, Nov 1, 2016 at 2:59 PM, Dave Cridland <[email protected]> wrote: > So I'm absolutely in favour of specifying this, but I suspect I'd > refuse to implement in any secure client I wrote. I agree with Dave, except s/any secure client/any client/. I'm looking forward to the spec though. —Sam -- Sam Whited pub 4096R/54083AE104EA7AD3 _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
