Initial questions

Question

Initial questions

bedeho opened this issue 5 years ago · comments

Bedeho Mender commented 5 years ago

Just getting familiar with this effort, so firing off a few initial questions I have.

Your goals do not talk about this (from what I gleen), but how do your current designs allow or exclude having the modern web browser environment be a first class environment for particpating in this protocol?
- Would some sort of gateway be required, if so, how would that change the security model compared to normal native p2p clients, if at all?
- Would you consider building a gateway if it is required?
Is it somewhere described how the goal of this effort clearly departs from the constraints of the Matrix protocol? Why is a new messaging protocol required?

Bedeho Mender · Answer 1 · Wed May 29 2019 20:36:37 GMT+0800 (China Standard Time)

On the browser point I just saw this at the very very bottom of the README

Implementation

In order to leverage existing work done in the space we would like to leverage libp2p for networking and make sure that at least one implementation is fully runnable in the browser leveraging Javascript and Wasm.

If there could be any elaboration here on still the impact on security model, how it would work with a DHT/lipp2p etc. then please address this.

Does the tone at least reflect that this is not a top priority? is that fair?

Jeff Burdges · Answer 2 · Wed Jun 05 2019 16:45:17 GMT+0800 (China Standard Time)

We're aiming for strong metadata protections. Matrix provides no metadata protections. Briar provides Tor-like metadata protections, but mixnets can do much better.

You cannot send HTTP through a mixnet because web pages are too bloated and the mixnet will have too much latency.

I think validity labs wants a client that runs in the browser. I'm against browsers for secure anything myself, but whatever.

I'm kinda curious if anyone wanted to take Servo, throw away numerous insecure, inconvenient, poorly performing, or crappy HTML standards, and make an electrum like environment. I suppose Qt already does this minus the security focus, so maybe the goal would be make a more secure Qt rendering environment from Servo.

As an aside, I never looked into Matrix's content encryption, but I've no confidence because Riot makes key validation so incredibly insecure. We'll use https://messaginglayersecurity.rocks/ for content encryption.

Bedeho Mender · Answer 3 · Wed Jun 05 2019 17:00:31 GMT+0800 (China Standard Time)

Thanks for the reply.

When you say protection, do you mean authentication or confidentiality? and also, what metadata are you refering to? I am not deeply familiar with Matrix internals either, I found their spec to be a poor introduction.
You mention Briar and mixnets, but how about XMPP?

Jeff Burdges · Answer 4 · Wed Jun 05 2019 17:20:27 GMT+0800 (China Standard Time)

We expect authentication and confidentiality of content to be handled by https://messaginglayersecurity.rocks/ We're worried about metadata, meaning who talks to who.

Matrix is just a redesign of XMPP plus some cryptography. XMPP provides no form of security. You can layer OtR on XMPP but more recent OtR variants went nowhere interesting.