76
MeroChat - Open Source Random Chat
(mero.chat)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 25 Dec 2024
76 points (96.3% liked)
Open Source
31733 readers
193 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
- !libre_culture@lemmy.ml
- !libre_software@lemmy.ml
- !libre_hardware@lemmy.ml
- !linux@lemmy.ml
- !technology@lemmy.ml
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
Thanks for the tip!
I have somewhat of a grasp on how Signal does it, but that's very client oriented. How to go about it a web app is a mystery to me.
Yeah, I'm not used to E2EE in the browser either and StackExchange seems to agree that there's no nice solution :/
The sanest option in terms of user practicality to me appears to be storing the private key on the server, maybe encrypted with the user's password, and sending it to the user on successful login where it would be decrypted client side. It seems like it's more or less what Mega is doing since they have a similar issue
If the server having temporary access to the user's password is an issue maybe the password could be partially pre-hashed before being sent?
It's be interesting to talk about it with someone with more experience, especially since implementing all of that will be a pain so it can't be redone every Thursday