There are quite a few concerns here:
Man-in-the-middle
If this is implemented in JS the “true” security of this system depends on no-one interfering with JavaScript payloads. This means HTTPS would be an absolute minimum, however you also can not properly trust browsers due to rogue plugins etcs. So if you want to turn security up to 100 you need another solution.
You should not trust the server
If the server has the password ANYWHERE, including in a logfile somewhere or whatever it can not really be trusted. You can not send passwords to the server, period, instead the login algorithm would need to change to send both an encrypted password and encrypted private key.
This does not solve the conversation problem, how do you allow N people to converse?
Instead, for conversations to work.
- The OP contains an encrypted “conversation key” it is encrypted with the public key of every allowed participant.
- Each posts raw is encrypted using the conversation key, which can only be obtained by decrypting the OP.
Either that or you simply encrypt every message with the public key of every participant and have rather long and heavy posts
This makes an appealing sell for a “mobile app” or “standalone Discourse” where needed
Only way to totally trust this kind of system is to have a signed binary, that way you eliminate all the variables of running such a system and can correctly audit it.
“Mobile apps” or something like Google ARC or Atom Shell become very appealing. They allow you to have trusted binaries, which is critical.
Best effort security here and security by obscurity are a complete no-go. This kind of system should be usable by political activist without worrying that they can be sent to jail for life.
If we had the funds to build this we would
A project that allows you to mold Discourse into a truly private communication platform is incredibly appealing to me (and @codinghorror) . In the age of mass surveillance the Internet needs a VERY easy to use alternative that provides true privacy.
Hint @downey, guess what else is not private, every email you have on GMail, Snowden revealed that the NSA have a firehose into GMail and so on.
If we had the money at Discourse to throw onto such a project we would at a blink. Its a multi month effort to get it done right, but has a potential of disrupting the status quo and allowing for low-friction private conversations.
However this needs to be done correctly and securely, with zero shortcuts. The server can not be trusted here. Only signed binaries.