A few weeks ago I enabled for the first time for a 1:1 chat in and it was really cumbersome until all devices of all participants were verified correctly. Nothing I could do with any "normal" user. Hope there will be a more intuitive solution like in the future and leave device verification to the people who really need/want it.

@bjoern yea, we enabled encryption in a chat with one person here and it's a headache since then. No amount of cross-verification helps.

Interesting observation. How would you compare it to #XMPP on #Android? Is encrypting a 1:1 chat with #OMEMO (using two #Conversations clients) easier or more difficult? (neglecting desktop clients for the moment)

@masoud I think Conversations does many things right in this regard. By default all devices are trusted, no error messages, no warnings. Only if I start to explicitly verify one of your devices our relationship becomes more strict. From this point on I will get a warning when a new device shows up and I have to verify it. IMHO that's a good tradeoff, by default it is user friendly and if I want to have this extra level of security it becomes more strict.

@bjoern @masoud I also think that the „blind trust before verification“ is currently the best approach.

Daniel Gultsch also has explained it nicely:

@bjoern They are working on cross-signing, so you'll only have to verify one of each user's devices.

Security comes with a price!

Nothing wrong to have to verify devices. That ensures you know who you are talking to.

Besides, it is not hard at all to verify.

That is how I feel about this. :)

Good security depends on many things, threat model, personal security needs, usability to make sure people use it and use it right, ... There are definitely people who need a high level of security, protecting them from targeted surveillance, including knowing and verifying every device. For other people it is enough to protect each other from mass surveillance - 1/2

@Divert We need to design security for the masses with the extra features for the few if we want to succeed - 2/2

I have to agree with you.

In that sense I think #matrix is very good/granular, you can do anything from non encrypted chats on public servers, all the way to E2E encrypted chat on your own server... your choice.

The only feature that I really miss is message auto-delete.

@Divert What I'm waiting for (and afaik it is on the roadmap) is E2E by default, ideally with no possibility to opt-out. Because that's the only way to make encrypted communication the default. For this it is crucial that by default it is completely transparent to the users, like Signal, Wire, Conversations,... I have a lot of trust in the Matrix people and I'm sure they will get there.


I don't think there is a point in encrypting large public rooms (+2000 users). And if this will harm performance I would appreciate to have the option to not encrypt such rooms.

Other than that, I agree with encrypting everything else. So I would be on the side of having an opt-out for some rooms.

@Divert If it is true e2ee encryption it should only increase the load on the clients. But yeah, that isn't very desirable on mobile clients.
