On Thu, May 10, 2018 at 02:31:27PM +0200, VanitasVitae wrote: > Am 10. Mai 2018 14:24:47 MESZ schrieb "Remko Tronçon" <re...@el-tramo.be>: > >I don't see why a XEP for data retention hints needs to be tied to > >other XEPs like > >OMEMO, though. > > I'd also rather not tie it to OMEMO. The same principle of > disappearing messages could also be applied with other crypto in > mind, or even no crypto at all. Remember, this functionality is not > designed to give you any (serious) security improvements. Its rather > a function which teenagers find neat and which was implemented in > Signal for some reason.
Disappearing messages without end-to-end encryption and forward secrecy are useless at best. They give the user false sense of security. That is why Telegram implements timers for "secret" chats only I believe, as I said in the first message. The function you are talking about ("a function which teenagers find neat") is not what I described in the first message. I specifically stated that implementing "snapchat" is a non-goal. This function works only if message contents is never distributed outside the small trusted group of users. Use case I have in mind is when the contents of your device is leaked some time later after *private* conversation. Forward secrecy alone does not help if message contents is retained. There is no reason to securely delete old keys if you retain plaintext message on the same device. I will try to describe it as clearly as possible in the "Use Cases" section. As all previous discussions on disappearing messages (this list, GitHub, etc.) show, it is always the source of confusion. _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________