00:00 Opening
01:23 Introduction of the panellists
---
03:10 Interoperable end-to-end (E2EE) encryption options (Paul Rosler)
05:24 Requirements for interoperable E2EE (Paul Rosler)
09:22 Options for interoperable E2EE (Paul Rosler)
13:54 Confidentiality, Privacy & Abuse prevention (Paul Rosler)
19:07 Group Messaging (Paul Rosler)
---
22:44 Learning from QUIC (Mozilla)
24:14 E2EE and interoperability (Mozilla)
25:50 Key Establishment in a E2EE interoperable system (Mozilla)
27:16 Message and media formats in a E2EE interoperable system (Mozilla)
28:30 Identity in a E2EE interoperable system (Mozilla)
30:49 Multiple gatekeeper scenarios (Mozilla)
31:41 Suggested framework for interoperability (Mozilla)
---
35:20 Discussing how the UX of a DMA compliant product can look like (Cisco)
36:38 The use case for enterprise interoperability (Cisco)
30:47 Approaches to DMA Compliance (Cisco)
43:57 Limits of the per-gatekeeper, in-house solution approach (Cisco)
48:19 Strengths of the consolidated (standardised) solution (Cisco)
50:00 Implications & requirements of the consolidated solution (Cisco)
---
52:03 Implementing Interoperability in practice for the DMA (Matrix)
53:00 A practical path to full interoperability (Matrix)
54:35 Defining the problem we're solving (Matrix)
55:15 Approach 1 Client-side bridging using server-side APIs (Matrix)
57:21 Approach 2 Client-side bridging using client-side APIs (Matrix)
58:48 Approach 3 Polyglot app, using a 3rd party protocol à la iMessage (Matrix)
01:00:06 Approach 4 Using an open protocol (Matrix)
01:00:42 Pros & Cons of each approach (Matrix)
01:01:55 DEMO of client-side bridging (Matrix)
---
01:06:45 Meta's view on the DMA as seen from WhatsApp (Meta)
---
Questions
01:17:12 Matthew (Matrix) remind that not only the demo showed client-side bridging was possible, but iMessage has been doing it for years
01:17:54 Meta has two IM platforms (Instagram and Facebook) that are not E2EE. What is Meta going to do about those platforms? (Beeper)
01:18:45 How to balance discoverability and privacy?
01:21:04 How to solve the problem of different E2EE protocols? (online)
01:24:48 Do some of the panellists think the best option is not a single standardised protocol? (OpenXchange)
01:33:46 Which measures by gatekeepers to preserve security integrity and privacy can be considered proportionate?
01:36:38 How many people have worked on the client-side demo?
01:38:56 Does it really matter that MLS is not "done"?
01:47:30 How will article 7 ensure private keys will never transit over the network? (online)
01:53:00 What about interoperability of features like custom emojis, removing messages, etc? (online)
01:57:42 What does the rest of the panel thinks about the guarantees they can provide when a message leaves a system? (XMPP)

свернуть