Post A3mWoeIXQsZIGAdAxc by asakura@cdrom.tokyo
(DIR) More posts by asakura@cdrom.tokyo
(DIR) Post #A3mBJZydLlSkqNfFEu by voidwitch@pl.devfs.xyz
2021-01-30T21:42:43.036247Z
0 likes, 0 repeats
@asakura i'm not sure you can *do* offline messaging with deletes in a fast way. the only thing i can think of is giving each message a separate encryption key that the receiver requests from the senderbut even then, the client would just need to store the decrypted message to defeat the point of deletes. i don't think there's an actual protocol-level way of doing this
(DIR) Post #A3mBJaQHgxa4E8bKL2 by asakura@cdrom.tokyo
2021-01-30T21:52:25.339485Z
0 likes, 0 repeats
@voidwitch Look, we have [relay] [me] - [relay] - [you] [relay] I write message and my messenger encrypts it with OMEMO/Autocrypt/PGP/etc and sends you. But if you are not home for example and your PC is off, my encrypted message sends to relay where it keeps for a week and copies itself to other relays for some network shit cases.You came home, turn PC on, open messenger, it connects to relay network and you get message, which is also deletes from relay network at that time.You don’t answer and after three days I think: “Oh, maybe that message was stupid”. And in shame I delete that message in my client. Information about deletion sends to relays. And when you open messenger, it gets that information (which is also deletes from relay network at that time, again). And your messenger purges that message. Easy.
(DIR) Post #A3mBrKVbMorciRB74K by voidwitch@pl.devfs.xyz
2021-01-30T21:55:55.680956Z
0 likes, 0 repeats
@asakura is that really useful though? it requires one party to be offline for, what, days? i literally cannot think of a messenger service that i don't have running literally constantly between any of my machines and my phonethe messenger purging things is not trustworthy, at all. if third-party clients exist (and they absolutely will eventually, your protocol is not hard to re), they can be modified to not respect deletesyou shouldn't enforce things at the interface-level. it gives people false security that they can do things that can't actually be enforced
(DIR) Post #A3mBrL7B76vCayl7dg by asakura@cdrom.tokyo
2021-01-30T21:58:31.049302Z
0 likes, 0 repeats
@voidwitch it’s just an example.>is that really useful though?Yep. It’s must have to completely delete yourself from social network for example.
(DIR) Post #A3mCJvC4ZBjCbIg3Hc by voidwitch@pl.devfs.xyz
2021-01-30T21:59:27.346787Z
0 likes, 0 repeats
@asakura that's not possible though. clients are not trustworthy
(DIR) Post #A3mCJvemqQhG2M6z2W by voidwitch@pl.devfs.xyz
2021-01-30T22:00:28.348318Z
0 likes, 0 repeats
@asakura like i definitely agree, you *need* a delete functionbut you can't trust the client, and you should not give the user a false belief that the delete function is trustworthy
(DIR) Post #A3mCJw3xKqpVIPt5Gq by asakura@cdrom.tokyo
2021-01-30T22:03:41.385080Z
0 likes, 0 repeats
@voidwitch I didn’t said anything about trust. I just say that it’s must-have! But vast majority uses official clients from official websites and stores. Nothing bad if my messages will remain in couple tech guys inboxes. But the rest won’t have any.
(DIR) Post #A3mWoeIXQsZIGAdAxc by asakura@cdrom.tokyo
2021-01-31T01:53:21.047130Z
0 likes, 0 repeats
@voidwitch @SuperDicq I know what to do to trust client: compare hashes of your and mine message history before and after remove claim. So if I want to delete message:Compare hashes. All should be ok. If not ok - alertMove messages from mine chat to tmp storageDelete messages from your chatCompare hashes. All should be ok. If not ok - alert and restore messages in my chatIf all ok - delete messages from mine tmp storage