Hi, It's always good to see that people are working on tools to protect privacy and open the sourcecode. But i'm a bit disapointed by your approach which is for me a "already seen" centralized encrypted chat. I trully think that we need to do more than reinvent the wheel and build several chat clients that are not compatible between them. We just need to work on standard, decentralized protocols (like XMPP) ad implemented them properly in nice clients. By using a universal standard the users will be able to choose between several solutions which are all compatibles. All theses clients are implemented using several languages on several platforms too. There's already a bunch of tools in XMPP to do that, we are just waiting for nice clients :) P.S.: I'm working on XMPP for a couple of years now Regards, Tim On mar., août 19, 2014 at 3:38 , Subrosa Team <contact@subrosa.io> wrote:
We just have one client.
The hosted version is the client hosted by us, on our web server. You can access it at https://subrosa.io/app/
You can download the client code, and run it from your computer, or host it on your own web server. It's identical.
The difference is by hosting the code yourself, you can be assured that the correct code is being executed.
For RSA private keys, user settings, etc, they're all encrypted with the user password (through PBKDF2) before being sent to the server. The server is just a dumb pipe that stores and passes encrypted information we don't have the keys to.
(Sorry, didn't cc the mailing list)
---- On Tue, 19 Aug 2014 06:07:10 -0700 Stephan Neuhaus<stephan.neuhaus@tik.ee.ethz.ch> wrote ----
Hi Subrosa Team,
sounds like an interesting project! I am however slightly confused about what you mean by "hosted version" and "client". Is this a web app or is it a web app that also has a non-web (= hosted) version, providing the same functionality, but where stuff (like RSA keypairs, for example) is stored locally instead of on your servers? If so, what exactly is the "client"?
Fun,
Stephan