▲ | sixtiethutopia a day ago | ||||||||||||||||
It's email-compatible and uses pgp for encryption. No forward secrecy and supports sending unencrypted messages as well for people who don't have pgp. No forward secrecy and will automatically switch to unencrypted messages if you receive an unencrypted message from a contact. I wonder if it's vulnerable to downgrade attacks from adversaries falsifying the sending address. If an adversary sends an unencrypted email imitating a contact will delta chat reject it or will it silently switch the chat with that contact over to unencrypted email? | |||||||||||||||||
▲ | folmar a day ago | parent | next [-] | ||||||||||||||||
The way to have guaranteed encryped is creating two user encrypted group chat. https://delta.chat/en/help#how-can-i-ensure-message-end-to-e... | |||||||||||||||||
▲ | deknos a day ago | parent | prev | next [-] | ||||||||||||||||
did you look into their spec? perhaps they used the updated openpgp standard which has authenticated encryption. or perhaps they just sign everything. and it's not just pgp with email, it's more akin to an overlaysystem. | |||||||||||||||||
▲ | maqp a day ago | parent | prev [-] | ||||||||||||||||
>No forward secrecy and supports sending unencrypted messages as well for people who don't have pgp. JFC. There's a reason Signal dropped SMS support. What an insane design decision. | |||||||||||||||||
|