[NEW] Support for end to end encryption #10094
Conversation
…ploading keys to server on register
|
Guys, this seems to be a fantastic improvement, I have only one question though. "Synchronized encrypted chat history across user's devices" means that the mobile clients (eg. https://github.com/RocketChat/Rocket.Chat.Android) will support it if one upgrade their RC server? Or this feature is now only available in the browser view "across devices" and the mobile apps should implement this functionality on their own later? |
|
@immanuelfodor right now this would be web/desktop only. I'm not sure what the timeline will be for mobile to implement. Probably will need to make sure the api's mature a bit and then they will implement. |
Most users will consider this a major bug. If you can't read messages on mobile which you sent on Desktop, the elementary job of Rocket.Chat "send a message" is jeopardized. |
|
@geekgonecrazy @rodrigok Is there any docs for the APIs? I couldn't find anything yet. |
|
@immanuelfodor @mrsimpson @rafaelks this is a beta version, I'll update with more details before the final release and it's disabled by default. There is no docs yet since I still need to finish the REST Apis e some other stuffs. |
|
If it is not yet ready for mobile yet: will there be a possibility to send encrypted and unencrypted messages at the same time? Currently when there is an OTR-session running on the web-client or the desktop-app and you send then a message from a mobile client, the message won't turn up on the desktop except beneath the nick, in the nick-list in extended view. Thus the other side doesn't even see that it should turn off OTR for further communication. |
|
@nielsk yes, if some client send an unencrypted message that message will be shown to everyone, only messages sent with |
|
@rocketchat/core should we update last message? Right now shows something like: Not sure how to implement... something like this maybe? It'd use the server language I think... |
|
@geekgonecrazy nice catch, since the client has the key we may decrypt the message and show it |
|
This is true I forget about being able to decrypt it and just show it. If not too heavy on client that would work |
|
Given that this has been merged and is officially released now, is there any timeline when we can expect this to hit the mobile clients? We currently use rchat as an in-company self-hosted messaging solution and privacy is important. For this reason we have disabled notification content on mobile devices (as notifications pass through a 3rd party). Not having notification content on the mobile client is a major disadvantage and main pain-point of users. E2E encryption really is a huge feature. But not having this available on mobile is a major blocking point for adopting this! |
|
@exhuma This is in our roadmap already, we'll be working on E2E for the next release for iOS and Android, you can expect something by later November. |
|
@rafaelks Is there an issue to track? |
|
@hypery2k Yes... Android: RocketChat/Rocket.Chat.Android#566 |
|
|
rocket should be support |
|
Matrix is implementing e2e for file sharing in this way: https://matrix.org/docs/guides/e2e_implementation.html#encrypted-attachments |
@RocketChat/core
Creating new package "RocketChat-e2e", that enables end-to-end encrypted chat conversations in Rocket.Chat.
(Previously PR #7181 , merged into new branch)
Package adds functionality for encrypted direct messaging, encrypted group conversations
and encrypted file uploads.Objectives completed: