top | item 28513821

(no title)

dkasak | 4 years ago

Realistically, when would you be in a hundred-person encrypted group? Mostly this is the case when you're a member of some kind of organization, and there are ideas how to solve this case without pairwise verifying all participants (e.g. by delegating trust through a single trusted person such as the CEO, reducing the number of verifications necessary from N(N+1)/2 to N). Even without this, fully verified E2EE is still feasible and useful for smaller groups.

And even if you own the homeserver, you still want E2EE since you don't want the data to rest in plaintext server-side.

However, there is work currently being done to make it feasible for every node to also be its own homeserver, via P2P Matrix (https://matrix.org/blog/2020/06/02/introducing-p-2-p-matrix).

discuss

schmorptron|4 years ago

At uni, it's common to have whatsapp groups for classes, which tend to be encrypted 100 to 200 people WhatsApp groups.

nicoburns|4 years ago

How important is it for these kind of groups to be E2E encrypted though? If you're sending a message to 100 people then you probably ought to consider it de facto public even if only the intended recipients receive it.

zaik|4 years ago

How many of those have verified all the public keys? If you never do verification e2ee is basically meaningless.