txt.sour.is prologic@twtxt.net "Autocrypt - Wikipedia Just reading in-depth and trying to understand the security model of Delta.Chat a bit more... There's a few things that r ..."

twtxt.net

Tue, Jan 11 13:00 2022 (3y ago)

Just reading in-depth and trying to understand the security model of Delta.Chat a bit more… There’s a few things that really concern me about how Delta.Chat which relies on Autocrypt work:

There is no Perfect Forward Secrecy
No verification of keys
- Is therefore susceptible to Man-in-the-Middle attacks
Metadata is a BIG problem with Delta.Chat:
- The To and From and Date are trackable by your Mail provider (amongst many other headers)

Hmmm 🤔 cc @deebs@twtxt.net

⤋ Read More