You see, there is an extension for reading user private messages. Am I the only one feeling bad for this? It should be the other way around, we should show the users how much we value their privacy. As admins, we are responsible for building trust in our communities.
That's why I am developing an extension that will allow you to encrypt the message using end-to-end encryption (this means that the message will be encrypted on your PC before sending to the phpBB). You (or your users) will enjoy the same level of privacy as when using ProtonMail, WhatsApp, Telegram, etc.
This ext is in very early stage, the goal of this topic is to get your feedback on how you expect the extension to behave. I try to add all the functionality with as ease and as seamlessly as possible. So when creating a new PM or replying to one: As easy as that. When reading the PM, you won't notice anything, the ext will decrypt the message before displaying it to you. Of course, encryption/decryption takes time so there will be loading indicators present during the process.
What I am thinking the next steps could be:
- add UCP setting to auto-check the checkbox (PMs will be encrypted by default)
- add ACP setting to force encrypted PMs (user won't have the choice, the message will always be encrypted)
- maybe encrypt the subject as well?
- attachments aren't protected, so maybe think about this one as well
Current problems:
- You can send encrypted PMs only to users who logged in at least once after the ext was enabled. Reason is, the ext is using user password to generate the encryption keys and there is no way to encrypt the message without the keys. But the bad side of this approach is that the keys are generated every time user logs-in, taking quite a time to generate. Log-in process is then slowed down (approx. 1s, depends on the CPU speed).
Alternative approach could be an announcement-like notification asking user to generate the keys in the UCP. This adds few steps but doesn't slow the log-in process. Difficult to decide on which approach is better.