Add ability to force disable E2EE via admin config with no user override #1442
Comments
|
This is probably better served as a server option to refuse to enable encryption or otherwise participate in encrypted rooms. If the goal is to ensure a legal requirement is met, changing the client's options won't ensure the rooms are auditable. Someone could easily just not use the Riot provided by the organization and use another Matrix client, bypassing the measure entirely. |
|
Didn't realize that was possible, I assumed it was a client-side, server-agnostic feature (kind of like PGP in email). If this were to be implemented server-side, would Riot automatically know to disable/gray-out this option? or would some code be needed to reflect this? Regardless, I'll open an issue for matrix-synapse for this. |
|
Riot would need some way to detect it, which would potentially make it a spec problem (ie: matrix-doc). Although encryption and decryption is done client-side, the server is still aware that a given room is encrypted - the server cannot see encrypted event contents, though. |
|
That makes sense. I see now that matrix/synapse has some Thanks again for your help :) |
jryans
changed the title
|
ftr the analogy to pgp is quite good: if tyou want to ban pgp from transiting a mail server it’s no good configuring a given mail client not to send pgp. instead you need to scan for pgp contents in emails and block them, which is effectively what synapse would need to do here by rejecting m.room.encrypted events. |
|
This feature is becoming more urgent now that Riot has enabled encryption by default. I have a home server for family and friends, and I'm glad I can self host a chat server matching commercial instant-messaging in quality, but I really can't justify to them the need for end to end encryption, given the hassle and risk (of losing data) it adds! IMO, https is largely sufficient for my security needs, given I can trust the server (because I own it). This feature could go along with matrix-org/synapse#4401 so that it can be also work with non web clients (Riot Desktop, Android, and iOS) |
jryans
changed the title
|
I have morphed the title here slightly to reflect what I believe is the issue opener's desire for some way to force E2EE off without any UI option for a user to turn it back on. |
|
@jryans is there a separate issue for just disabling E2EE by default for the instance's users, but without preventing users to enable it if they want to? |
Yes, there is now element-hq/element-web#13705 to track this variant. |
Thanks. It looks like this is only for DMs though. There is no mention of disabling the E2EE enrollment when registering/logging in, which is what I'm especially looking for... |
Ah, that's yet another slightly different variant which I don't think I've seen filed yet, so I think it would be best for you to file an issue about that and explain your use case in a bit more detail to help us evaluate it. |
I already created an issue regarding my use case some times ago element-hq/element-web#13537 Maybe element-hq/element-web#13705 could be updated to reflect my and @dbkr comments?
|
That's quite a lot more general than your specific request to control cross-signing prompts though, so I don't consider it the same at all. In general, a specific request is much easier to debate and take action on, and deserves a separate issue.
Yes, we're actively working this through as we speak actually, so in this specific situation, it's likely enough to stay tuned and element-hq/element-web#13705 will be updated shortly to reflect your case as well. If you disagree with the direction it takes, please file a fresh issue. |
Maybe I haven't been clear enough, but all I wish for is the ability to disable e2ee and all related features, so that my non-technical users don't have to set it up and think about the consequences of enabling it, when it's already complicated enough for them to use the app without it, and the pros of e2ee for them are very hard to justify. I was under the impression that since Riot decided to enforce e2ee everywhere, you wouldn't want to go back or add settings to disable it, that's why I filed element-hq/element-web#13537 as a UX problem: if e2ee was truly transparent to end-users, I wouldn't have a problem with it being enabled by default.
Great! |
jryans
changed the title
|
I feel this could be handled along with matrix-org/matrix-react-sdk#4605 as a temporary solution. As has been stated previously this should be a spec change and handled on the homeserver side but that takes time. Could also go along with matrix-org/synapse#7639 and matrix-org/synapse#2431 And I want to echo mlaily in that along with disabling e2ee encryption so should all related prompts/features go away. All of the confusing issues around e2ee lead to poor user adoption and only serve to generate needless questions. Users don't need to worry about backing up keys or cross-signing if encryption isn't allowed on the server. |
Description
No easy way to disable end-to-end encryption for self-hosted riot instances (I have a legal requirement to make our chat logs auditable)
Steps to reproduce
I expected to find documentation for how to disable E2EE. Instead, I compiled from source after deleting these lines.
Version information
For the web app:
The text was updated successfully, but these errors were encountered: