Interesting enough, though it's a little dickish to post this before giving the author a chance to fix the most important issues.
I also disagree with this point:
> Thus it's not end-to-end encryption; at best, it's trust-on-first-use
E2EE means little more than that the server can't see the contents of the messages while the clients can. This may not be a very common or secure method of E2EE, but it's still E2EE.
3 comments
[ 4.8 ms ] story [ 17.9 ms ] threadI also disagree with this point:
> Thus it's not end-to-end encryption; at best, it's trust-on-first-use
E2EE means little more than that the server can't see the contents of the messages while the clients can. This may not be a very common or secure method of E2EE, but it's still E2EE.