Our great sponsors
-
libsignal
Home to the Signal Protocol as well as other cryptographic primitives which make Signal possible.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
As others have pointed out…
> They killed it. It's dead.
…is ridiculous hyperbole. This is a debate around the “system warns you when something bad happens” versus “system stops something bad happening in the first place”. It’s like saying SSL is “killed dead” because browsers let you connect to sites with bad certs albeit with a big red warning.
And much as this was addressed for SSL with HSTS etc, we’re working on the fix for Matrix. For what it’s worth, the current approach is https://github.com/matrix-org/matrix-spec-proposals/blob/fay...
Screaming about Matrix being “killed dead” helps no-one, and risks completely sabotaging our efforts to improve open communication, just in order to score a rhetorical point.
How is twitter intending to use libsignal? I doubt it would be via the primary AGPL license[1], forcing them to publish the source code of their server source code. Does signal sell private licenses?
[1] https://github.com/signalapp/libsignal/blob/main/LICENSE
Notably, this design lacks reputability, which for some reason they didn't even want (as it might be used by "terrorists"), which led to arguments with Ian Goldberg, the developer of Off-the-Record messaging. The arguments on the big tracker about power imbalances were maybe a bit better, but I still personally disagree.
https://mailarchive.ietf.org/arch/msg/mls/ZJ4e78obXSdYWnxmsN...