Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document threat model + security invariants #54

Open
QuinnWilton opened this issue Dec 9, 2022 · 1 comment
Open

Document threat model + security invariants #54

QuinnWilton opened this issue Dec 9, 2022 · 1 comment
Assignees
@walkah @QuinnWilton @expede @matheus23

Comments

@QuinnWilton
Copy link

Being explicit about our threat model + our security and privacy invariants is important for grounding discussion of security issues in the spec, and for clearly communicating the limitations of the project to users.

Good examples to draw on are Quiet's threat modeling, and Soatok's E2EE spec for Mastodon.
@matheus23
Copy link
Member

matheus23 commented Jan 11, 2023
edited
Loading

More reading: https://github.com/defuse/ictm (Putting this here mostly for myself as a bookmark for what format to follow)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@walkah walkah

@QuinnWilton QuinnWilton

@expede expede

@matheus23 matheus23

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@walkah @QuinnWilton @expede @matheus23