for the record, recently such influencer/streamer asked for this feature in social media:
@delta Is there any hope for chat moderation features? Personally, I am a streamer and I enjoy using your product and building a community there :yellowHeart: But I am very concerned that at some point I might let someone who is not very adequate into the chat and they will have the right to kick everyone out of the chat…:cirno_cry3:
It would also be very cool to have the ability to tag chat members:cirno_love:
This key will be known for all the group members in long term? (which effectively will mean ‘everyone knows it’)
When leaked, will this key allow to decrypt all future group messages?
a bot can be used if more than one admin is needed
How will it work?
Will owner need to share their private key with bot?
Groups in DC have a symmetric key. However, this key is encrypted and transmitted using each member’s public key. As a result, messages become larger as the group size increases, but this is only significant for very large groups.
In most cases, one admin is completely sufficient. If not, you could use a bot. This bot would be the owner of the group. At the same time, it would also be in an admin group with the actual admins, who moderate the group from there.
(in other words, the payload is encrypted with a random symmetric key, and the symmetric key is then encrypted N times to each recipient’s key. by that, as mentioned above, the encrypted message grow only a little bit for additional recipients, the size of the payload does not add there) (this is a standard PGP pattern)
yeah that is the disadvantage, I will not say “everyone knows it” but “everyone you trusted once, will know it, hence even after being kick from the group, they could ally with your email provider to decrypt the messages” which is a edge-case situation, if someone really turns from friend to a life-and-death enemy conspiring with your chatmail provider on top of that, then just clone the group and then you will have a new key
anyways most of the time the kind of group with owner I am describing is public, so encryption doesn’t really matters much, anyways anyone can join
that is the same situation for the upcoming telegram-like channels with a symmetric key
it is an edge case because they first need to be part of the group, which could only happen for the “public group” use case and there it doesn’t matter
Threatening someone into providing copies of any keys they currently have seems a plausible attack under those circumstances (simply taking over a detained person’s phone is also common today). Sometimes you’d want new members to get all the group’s history, and sometimes you would not.
in that case, it is better to clone the group and start from another group anyways, once again the feature is about public groups, where anyone can join, if you have a super-secret private group against government, you use the existing private groups
I really don’t get you people… we start talking about public groups, read the title of this thread don’t start bringing up all kind of weird “we fight the government in a public group but then they get the key” illogical scenarios, please
Sorry, Adbenitez, probably should think this through more. I guess I’m saying that the boundary between public groups and large private groups seems a bit fuzzy sometimes (example). So security features that later get added to one type might also be useful in the other. But something without every possible security feature is also useful!
There is also the need to have private groups with an admin. I’m thinking about the kind of groups that schools, associations, parishes, neighbors create to coordinate activities.