Discourse Encrypt - RFC

Hosting includes some official plugins; core just means part of the base Discourse install rather than a plugin.


At the moment we are not planning on including this plugin in the business or standard tier. Once it passes the RFC process and is released as an official plugin it will be available to the enterprise tier.


For V2 we do plan to just show the proper titles and a special icon, I am not sure if we will have time to improve this for V1.


Is it possible to add a plugin to translate in transifex.com?
Decided to test it. It is amazing! :+1:


Is there a means to backfill existing PMs or a plan to? Excellent work :+1:

Not planned even multiple versions out, way too complex since clients would need to work through the data, plus it is pointless due to backups.


The demo has no new message button, I can't try it out.

Apologies, had to fiddle with some site settings to decrease trust level required for messaging. Can you try again?


It works now, thank you.


First time I accessed the demo I couldn’t try out sending messages.

Now tried again but … it seems I already had forgotten my passphrase (!)

Does make me think that lack of passphrase recovery is going to be quite an issue for numptys like me.

I do understand the security issues around resetting a passphrase in relation to already encrypted messages. Would it be good to give the option of adding a hint when entering the passphrase for the first time?


imo “hints” are a security issue. They encourage you to use passwords that hints work for and people tend to do “hint : password” followed by “password: password”

Allowing you to download a recovery key though should be added and allowing you to give up on encrypted content and start from scratch should be allowed. We will eventually get there, but need to fix some basics in the protocol first.


I thought he meant UI hints at the time of password (passphrase?) creation about

:warning: Be REALLY careful with this password, if you lose it, you lose access to all your messages!

which I do think makes sense. Because the consequences of forgetting this particular password are severe, we want the language to be pretty scary and a big warning glyph.


@udan11 Thanks for this; truly great. However, I’m getting an error only when enabling it for the admin account that created the instance and who’s also a moderator; not sure if that matters but it’s working on other accounts (admins and non-admins).

  • This is the only thing I get in the UI:

  • No errors on [main_url]/logs

  • What I see in the browser console:
    uncaught exception: [object Event]

  • What I see in rails production.log (seems to be successfully done):
    Processing by DiscourseEncrypt::EncryptController#update_keys as */* Parameters: ...
    Completed 200 OK in 29ms (Views: 0.2ms | ActiveRecord: 16.7ms)

I refresh the page and I see that it’s activated for the account but not enabled on the browser although it gets enabled by default on other accounts.
I try to enable it after entering the passphrase, I get that the passphrase is wrong.

Retried all of the above multiple times.
Any idea what could be going wrong? Thanks again!

Alright. I think I identified the issue; the error comes up in Firefox 66 Private Mode. Probably has to do with LocalStorage.


Would it be possible to add U2F auth in the future?

Maybe, we have a big pile of changes first in the pipeline before considering this.


Not seen anything on this for a while - I wonder if there is an estimated time this might move forward from RFC stage? I hope the changes are being worked on by @udan11, or is this shelved?

No, we are actively using this internally.


I am conscious of what you said here, @sam, so we are holding back before putting into production. However we have been waiting for an update on when the first official release will be, and news would be appreciated.


Encryption for Group Messages

In order to share secrets, I have set up a group where all members (2) have enabled encryption.
But when I tried to send a message to this group, the composer told me that “Unfortunately encrypted_group did not enable encrypted messages.”

I was expecting that the group would expand to its members and detect that all members have encryption enabled, and send the encrypted message successfully.

How hard would it be to enable group encryption?

I can see two approaches:

  1. encrypt to each member using their keypair
  2. encrypt to the group using a symmetric key (shared secret)

The second solution would work best in case of group membership changes, so that all previous messages get re-encrypted with a rotated secret whenever a member leaves the group – when a new member arrives, they can use the existing key.

I posted here since there does not seem to be an open topic in #plugin for discourse-encrypt.
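
The two approaches from the post above can be combined: a symmetric group key (approach 2) that is delivered by wrapping it to each member's public key (approach 1). The sketch below is an added example, not code from discourse-encrypt or from the poster; the member names, function names, RSA-OAEP and AES-256-GCM choices are all assumptions made for illustration.

```javascript
// Added example; not discourse-encrypt code. All names and data are constructed.
const nodeCrypto = require('node:crypto');

// Each member owns an RSA key pair; only the public half is shared.
function newMember(name) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { name, publicKey, privateKey };
}

// Approach 2 (one symmetric group key), delivered via approach 1:
// the key is wrapped to each member's public key with RSA-OAEP.
function wrapGroupKey(groupKey, members) {
  const wrapped = {};
  for (const m of members) {
    wrapped[m.name] = nodeCrypto.publicEncrypt({ key: m.publicKey, oaepHash: 'sha256' }, groupKey);
  }
  return wrapped;
}

function encryptMessage(groupKey, plaintext) {
  const iv = nodeCrypto.randomBytes(12); // fresh nonce per message
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', groupKey, iv);
  const data = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, data, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null if no key was wrapped for this member.
function decryptAsMember(member, wrapped, msg) {
  if (!wrapped[member.name]) return null;
  const groupKey = nodeCrypto.privateDecrypt(
    { key: member.privateKey, oaepHash: 'sha256' }, wrapped[member.name]);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', groupKey, msg.iv);
  d.setAuthTag(msg.tag);
  return Buffer.concat([d.update(msg.data), d.final()]).toString('utf8');
}

// Constructed scenario: carol leaves, so a new key is wrapped for alice and bob only.
function demo() {
  const [alice, bob, carol] = ['alice', 'bob', 'carol'].map(newMember);
  const key1 = nodeCrypto.randomBytes(32);
  const wrapped1 = wrapGroupKey(key1, [alice, bob, carol]);
  const before = encryptMessage(key1, 'secret before rotation');
  const key2 = nodeCrypto.randomBytes(32); // rotated group key
  const wrapped2 = wrapGroupKey(key2, [alice, bob]);
  const after = encryptMessage(key2, 'secret after rotation');
  return { carolBefore: decryptAsMember(carol, wrapped1, before),
           bobAfter: decryptAsMember(bob, wrapped2, after),
           carolAfter: decryptAsMember(carol, wrapped2, after) };
}
```

Rotation keeps a departed member from reading messages sent afterwards; anything that member could already decrypt with the old key stays readable to them.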