The project it's in its early stages. There isn't anything as formal as a protocol yet. That is also why there isn't good documentation about it... The best I have for your question is:
https://positive-intentions.com/docs/research/authentication
The project it's in its early stages. There isn't anything as formal as a protocol yet. That is also why there isn't good documentation about it... The best I have for your question is:
https://positive-intentions.com/docs/research/authentication
Users can selfhost the frontend and backend independently. When creating a profile, you can set it to use your own peerjs-server (set preferences)
The frontend is only run as client-side JavaScript. There isn't a step to "set up clients".
Thanks. I want to also investigate if YJS could also fit into the app.
https://www.reddit.com/r/cryptography/comments/1bs7slv/help_me_understand_postquantum_cryptography/
Sorry to redirect to Reddit. I'm new to Lemmy.
Tldr; there are several approaches to this issue. In the case of webapps, relying on the offering from the browser should be enough.
I'm also investigating if wasm could also be a way to introduce real-world-entropy to key generation (because I noticed it isn't possible to seed the browser key generation)
There is a lot to be fixed throughout but file transfer and video calls should be working if you try out the live app.
The app is a active work in progress. I try to make this clear in my post. Any "protocol" being used, is subject to change as I make improvements.
You raise some good points about rotating keys and forward secrecy. These are things I will be including, but the app is far from finished.
Maybe this helps a bit (I know it's not what you want, but it's the best I got at the moment without diving into the code): https://positive-intentions.com/docs/research/authentication/
It's similar to matrix in many ways. The key difference is with mine it's is purely browser based. Unlike traditional solutions like matrix where you have a (self)hosted server, mine does not require things like registration or installation.
I'm using peerjs-server. I'm also investigating other ways to achieve peer discovery which itself could be quite a discussion.
An understandable view. Not sure what you mean by lengthy, but I can confirm my app is not well documented. If the MDN docs count, its a fairly thin wrapper around the functionality provided by the browser of your choice.
I'm using webpack 5 module federation to import that file at runtime. Perhaps over-engineered, but it's so I can keep the crypto functionality maintained separately. That repo is in need of more attention for things like unit tests, but the crypto implementation there is pretty basic.