Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not create verified groups if user has disabled encryption preference #58

Open
link2xt opened this issue Nov 20, 2023 · 11 comments
Open

Do not create verified groups if user has disabled encryption preference #58

link2xt opened this issue Nov 20, 2023 · 11 comments
Labels
discussion

Comments

@link2xt
Copy link
Contributor

link2xt commented Nov 20, 2023

Especially if user disabled encryption preference and creates a group only with self, creating it as verified group and encrypting anyway looks wrong.
@r10s
Copy link
Member

r10s commented Dec 4, 2023
edited
Loading

yes, maybe that's better, not sure. cc @Hocuri @hpk42 ?

it could worsen ux, as the existing and described patterns to create "green checkmarked" groups do no longer work unconditionally. not sure if that is a good tradeoff.

if we want to go for that, we need to do the same on desktop/ios and probably do that post-1.42

but maybe also wait a bit if that really becomes an issue?

@hpk42
Copy link

hpk42 commented Dec 4, 2023 via email

@link2xt
Copy link
Contributor Author

link2xt commented Dec 4, 2023

I think we wanted to keep the setting, but turn it into "disable encryption" and not even send Autocrypt header in this case.

@hpk42
Copy link

hpk42 commented Dec 4, 2023 via email

@r10s r10s added the discussion label Dec 4, 2023
@Hocuri
Copy link
Contributor

Hocuri commented Dec 5, 2023

What about this:

  • Ask on the forum and maybe other community channels whether people use this setting, saying that we might remove it because it's not always working as intended
  • If enough people use it: Rename it to "End-to-End Encrypt Messages" (or "Disable End-to-End Encryption") (I think that "Prefer End-to-End Encryption" was a bit hard to understand for users, anyway)
  • Otherwise: Just remove it

@adbenitez
Copy link
Member

there has been requests from the past to allow to completely disable encryption, now with the encryption "guarantee" for some it means a sticky guarantee annoyance, the option as it currently is was always useless and not fitting users expectations, it is not about to remove it tho, but to make it do what people need it to do, "disable encryption"

@Hocuri
Copy link
Contributor

Hocuri commented Dec 9, 2023

What's the use case for a disable-encryption-setting, and how often does it occur?

Personally, I sometimes needed an option to force-once-unencrypted when sending messages because I wanted the recipient to be able to read the message in webmail. I never needed a disable-encryption-setting.

Note that the costs to this setting are quite high:

  • It doesn't work well with chatmail, because chatmail allows messages to other email servers only if they are encrypted (as an anti-spam measure)
  • It takes some work to make it play nicely with guaranteed encryption
  • As always, users may enable it, forget about it, and then wonder why things don't work (guaranteed encryption in this case)

In general, we may need to make sure that we're not supporting too many use cases "a bit" at the cost of making things work smoothly.

@r10s r10s transferred this issue from deltachat/deltachat-android Dec 9, 2023
@adbenitez
Copy link
Member

adbenitez commented Dec 9, 2023
edited
Loading

What's the use case for a disable-encryption-setting, and how often does it occur?

in the past it was the main reason for DeltaLab to exist, at the time called "Delta Chat Lite" because it disabled forcefully encryption not sending encrypted messages or autocrypt header saving a lot of data plan etc.

also in the forum you can find information about people requesting this:
image

some advantages of disabling encryption:

  • Save data plan
  • Faster delivery/receiving because smaller messages
  • encryption is illegal in some places
  • you can read all your messages in webmail or other email clients
  • you can reinstall the app and can keep reading messages without getting confusing encrypted messages because your key changed
  • E2E encryption might be redundant and unnecessary ex. in yggmail the communication is already e2e encrypted at the server level, if selfhosting for family and friends protocol encryption is good enough

That said I agree with the new "guaranteed e2e" things got more complicated for adding a "disable encryption" option
what is easy to agree upon is that the current "not prefer encryption" option is pointless and everyone things it means "disable encryption" because otherwise it doesn't make any sense, so we can remove it and hope we can add a "disable encryption" option at some point if problems/reports pop up about the sticky encryption

@adbenitez
Copy link
Member

shall I create a PR removing the setting from android? cc @r10s

@adbenitez
Copy link
Member

Especially if user disabled encryption preference and creates a group only with self, creating it as verified group and encrypting anyway looks wrong.

about the main topic/issue of this post, what I did in DeltaLab was that if the group has only self as member then I show the dialog asking if you want to create a greencheckmarked chat

@r10s
Copy link
Member

r10s commented Dec 9, 2023

shall I create a PR removing the setting from android? cc @r10s

i just moved this issue from "android" to "interface" - let's first see what we really want. if it is about "disable encryption", it does not make sense to remove the setting from android - but we would also need some changes in core probably

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@hpk42 @r10s @Hocuri @link2xt @adbenitez