Reading ybout #Deltachat - making plans on running my own relay.
-
Reading about #Deltachat - making plans on running my own relay. :blobcathero:
https://blog.feld.me/posts/2025/03/deltachat-is-actually-good-though/
I blame @lumi@snug.moe :gura_laugh: -
M monkee@chaos.social shared this topic
-
Reading about #Deltachat - making plans on running my own relay. :blobcathero:
https://blog.feld.me/posts/2025/03/deltachat-is-actually-good-though/
I blame @lumi@snug.moe :gura_laugh: -
@lispi314@udongein.xyz Still learning how the whole thing actually works. Goal is to have as little data on the server as possible.
@lumi@snug.moe -
@lispi314@udongein.xyz Still learning how the whole thing actually works. Goal is to have as little data on the server as possible.
@lumi@snug.moe@monkee@other.li @lumi@snug.moe This article in conjunction with AutoCrypt V2's mechanisms makes me think the project has decided to forgo high-latency/intermittent-uptime tolerance in favor of a primarily P2P schema with the server eventually becoming something like a glorified federating cache (that also opportunistically doubles as a censorship wall hole punch).
With AutoCrypt V2's default parameters cache TTL before eviction should be <=10 days.
edit: This makes me hesitate slightly but if the key is expired then the message is undecipherable by policy, is it not? Or is verification backdated based on sending date & signature validity?
-
@monkee@other.li @lumi@snug.moe This article in conjunction with AutoCrypt V2's mechanisms makes me think the project has decided to forgo high-latency/intermittent-uptime tolerance in favor of a primarily P2P schema with the server eventually becoming something like a glorified federating cache (that also opportunistically doubles as a censorship wall hole punch).
With AutoCrypt V2's default parameters cache TTL before eviction should be <=10 days.
edit: This makes me hesitate slightly but if the key is expired then the message is undecipherable by policy, is it not? Or is verification backdated based on sending date & signature validity?
@lispi314@udongein.xyz
Theoretically the client could keep "old" keypairs. But honestly i have no clue - seems you are deeper in it than me. I try to catch up
@lumi@snug.moe -
@lispi314@udongein.xyz
Theoretically the client could keep "old" keypairs. But honestly i have no clue - seems you are deeper in it than me. I try to catch up
@lumi@snug.moe@monkee@other.li @lumi@snug.moe I had previously read through a slideshow presentation of AutoCrypt V2 and live-ranted about the use-cases that AutoCrypt V2's design cut out, which were use-cases I found neat to see DeltaChat incidentally support.
This is a bit more formalized & complete though.
Even with the use-cases greatly curtailed by this centering of priorities, I would still be inclined to use DeltaChat with family & friends in particular with the P2P aspect.
Although the whole "Android goes closed-platform in September 2026" thing that might prove a major issue.
I can provide a WebUI client for XMPP (it's already all centralized on one server, nothing newly gains unexpected information access), not so much for DeltaChat without inflicting considerable additional risk surface in the schema (browser, JavaScript & WebRTC/WebSockets/JMAP? Hello new compromisable client with no particular reason for the users to trust, now an active risk unless everyone is on the same server which is itself another risk instead).
That would still leave DeltaChat fine on conventional computers but cutting out mobile use is not nothing. I'm not sure how to handle that.
-
@monkee@other.li @lumi@snug.moe I had previously read through a slideshow presentation of AutoCrypt V2 and live-ranted about the use-cases that AutoCrypt V2's design cut out, which were use-cases I found neat to see DeltaChat incidentally support.
This is a bit more formalized & complete though.
Even with the use-cases greatly curtailed by this centering of priorities, I would still be inclined to use DeltaChat with family & friends in particular with the P2P aspect.
Although the whole "Android goes closed-platform in September 2026" thing that might prove a major issue.
I can provide a WebUI client for XMPP (it's already all centralized on one server, nothing newly gains unexpected information access), not so much for DeltaChat without inflicting considerable additional risk surface in the schema (browser, JavaScript & WebRTC/WebSockets/JMAP? Hello new compromisable client with no particular reason for the users to trust, now an active risk unless everyone is on the same server which is itself another risk instead).
That would still leave DeltaChat fine on conventional computers but cutting out mobile use is not nothing. I'm not sure how to handle that.
@lispi314@udongein.xyz @lumi@snug.moe
Sidenote: I like that Deltachat is making easy and frictionless signup a priority. It's sadly the most important step when onboarding normies :ablobcatsweatsiphard:
Still frustrates me that the main reason for Whatsapp success is that you do not have to choose a username :feelslainman:
I need to read more about the tech to say something mildly clever about the other stuff you write :gura_laugh:
Thanks for sharing! :blobcathero:
PS: Google going full evil with android will certainly cause a lot of problems in a lot of places...