• gayhitler420
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    11 months ago

    There’s no rcs encryption standard. Google messages does it the same way as signal (pki, like you described), but you’re either remotely accessing googles server by signing in on the web or downloading their google messages application from the play store, their server.

    E: I should have used more clear and precise technical language in my previous post.

    • jasondj@ttrpg.network
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      11 months ago

      Are you saying Google “holds the keys [to the castle]”, as in you have to go through them to access the app? Or because they are the only ones supporting end-to-end encryption between their users?

      The former should be able to be fixed with external app stores. The latter is a bit more difficult and would probably require changing the standard since, you’re right, E2EE is a Google Messages feature, not an RCS feature.

      If I were working on the standard, I’d probably add support for KMS/Relay servers on specified SRV records for a domain. KMS could even be optional with TXT records for an individual users public key. Then just layer on GnuPG or something similar. This would also make it easier for vanity/personal domains for RCS addresses.

      • gayhitler420
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        honestly im saying both. google has the only e2ee rcs implementation and they require you use their software and afaik haven’t opened up that part and have no plans to.

        becoming corporate citizens is the solution presented to common carrier surveillance and its a bummer.

        relying on dns opens the end user up to cert attacks and everyone already just clicks through whatever cert acceptance popup their provider throws out so the eu almost doesn’t need to mandate everyone accept nation certs.