Congrats to @protonprivacy for beating us on introducing Post-Quantum Cryptography into mail messaging!
-
Congrats to @protonprivacy for beating us on introducing Post-Quantum Cryptography into mail messaging!
No worries. We'll implement https://autocrypt2.org which additionally offers reliable deletion / forward secrecy during 2026
We are working with Proton cryptographers on OpenPGP specifications, and they are now moving towards using @rpgp , the end-to-end encryption we are using.
Everything will be based on RFC9580 (#OpenPGP v6) ... the eocsystem is moving
@delta @blogdiva @protonprivacy @rpgp yall realize we're 100+ years from a quantum computer that does anything besides look neat yeah?
-
Congrats to @protonprivacy for beating us on introducing Post-Quantum Cryptography into mail messaging!
No worries. We'll implement https://autocrypt2.org which additionally offers reliable deletion / forward secrecy during 2026
We are working with Proton cryptographers on OpenPGP specifications, and they are now moving towards using @rpgp , the end-to-end encryption we are using.
Everything will be based on RFC9580 (#OpenPGP v6) ... the eocsystem is moving
@delta @rpgp @protonprivacy
with all of my criticism of @Tutanota (mainly though not exclusively about the time they partnered with one of the main suppliers of the mecha-Hitler AI), i must say they beat both of you to the punch by two years:
https://tuta.com/blog/post-quantum-cryptography -
@delta @rpgp @protonprivacy
with all of my criticism of @Tutanota (mainly though not exclusively about the time they partnered with one of the main suppliers of the mecha-Hitler AI), i must say they beat both of you to the punch by two years:
https://tuta.com/blog/post-quantum-cryptography@Yuvalne @rpgp @protonprivacy @Tutanota indeed, and also signal has introduced PQC already. But we were implicitly talking about standards/specs based developments and interoperable solutions.
-
@delta @rpgp @protonprivacy
with all of my criticism of @Tutanota (mainly though not exclusively about the time they partnered with one of the main suppliers of the mecha-Hitler AI), i must say they beat both of you to the punch by two years:
https://tuta.com/blog/post-quantum-cryptography@Yuvalne Hey, I can't seem to find info through a quick web search on a partnership between Tuta and xAI, do you have any resources on that? I'm genuinely interested (concerned)
-
@Yuvalne Hey, I can't seem to find info through a quick web search on a partnership between Tuta and xAI, do you have any resources on that? I'm genuinely interested (concerned)
@Equity7804 @Yuvalne It's false .... i don't know where you heard it but it's complete BS
-
@Equity7804 @Yuvalne It's false .... i don't know where you heard it but it's complete BS
@hidikem @Equity7804
search engines don't find it because they deleted that blogpost. sadly the internet doesn't forget.
https://mastodon.art/@enriquericos/114845745048290364 -
@hidikem @Equity7804
search engines don't find it because they deleted that blogpost. sadly the internet doesn't forget.
https://mastodon.art/@enriquericos/114845745048290364@hidikem @Equity7804 though i realised i forgot they worked with a mechahitler supplier, not directly with xAI. i've edited the post to correct that.
-
@Yuvalne @rpgp @protonprivacy @Tutanota indeed, and also signal has introduced PQC already. But we were implicitly talking about standards/specs based developments and interoperable solutions.
@delta @Yuvalne @rpgp @protonprivacy @Tutanota This is ultimately based on a new Autocrypt standard which is based on RFC-9580? That doesn't sound very interoperable to me. So a recipient would have to support Autocrypt2 and RFC-9580 (as opposed to LibrePGP). How likely is it that anything else will support that particular combination of standards?
-
@delta @Yuvalne @rpgp @protonprivacy @Tutanota This is ultimately based on a new Autocrypt standard which is based on RFC-9580? That doesn't sound very interoperable to me. So a recipient would have to support Autocrypt2 and RFC-9580 (as opposed to LibrePGP). How likely is it that anything else will support that particular combination of standards?
@upofadown @Yuvalne @rpgp @protonprivacy @Tutanota Autocrypt2 works with any standard v6 implementation. See https://www.ietf.org/archive/id/draft-autocrypt-openpgp-v2-cert-01.html#name-identifying-an-autocrypt-v2 -- in any case, this is exceeding what should be discussed here. Feel free to open an issue on https://codeberg.org/autocrypt2/autocrypt-v2-cert
-
@delta @Yuvalne @rpgp @protonprivacy @Tutanota This is ultimately based on a new Autocrypt standard which is based on RFC-9580? That doesn't sound very interoperable to me. So a recipient would have to support Autocrypt2 and RFC-9580 (as opposed to LibrePGP). How likely is it that anything else will support that particular combination of standards?
@upofadown Schemes based on RFC 9580 are going to be quite interoperable.
I'm aware of at least 7 serious independent codebases that implement RFC 9580, and almost as many mature implementations of draft-ietf-openpgp-pqc.
Adding autocrypt2 to the mix is a very small additional layer on top of these already widely available building blocks.
(And sure, GnuPG is doing its own thing. But that is really not very relevant to Delta Chat or its users.)
-
P pelle@veganism.social shared this topic
