It will be open source, end to end encrypted using Signal’s double ratchet encryption protocol, and he plans to make it easy for fediverse platforms to integrate it. The beta will release later this month.
He’s also the creator of https://fedidb.org btw
You must log in or register to comment.
You’re right, Signal is not P2P. The way Signals messaging pipeline works is like this - note I’m oversimplifying it for accessibility.
Sending a message to
Bob
- You press
Send
. - The message is encrypted on your device with a key that can only be unlocked by
Bob
. - The message is then “sealed” so that there’s only a “deliver to” field visible (not a “from”).
- The “deliver to” field is addressed with a hashed/salted label for
Bob
- this means Signal’s server can see its a unique user, but not what their name is. - The message is finally sent to Signal’s servers.
- Your message sits on Signals servers until it can be delivered to the intended recipient.
you can’t really do user lookups without some sort of middleware in the cloud.
See their blog post about Private Contact Discovery, they’ve spent a long time figuring out how to engineer a method to know as little as possible about you.
Thanks for the explanation.
- You press