You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Anyone can access a public channel, so the messages there are public and do not need to be encrypted from Rocket.Chat's point of view. But from a hosting point of view this can make sense, e.g. if the service is operated in a cloud. Because even then you don't want these messages to be read by the cloud operator, but by all Rocket.Chat users. In this respect I think that there are also cases in which public channels should be encrypted.
Public only means its accessible by all users of the server, it has nothing to do with security.
If we want security for all users and all conversations, then E2E should be used for everything by default, like Whatsapp and Signal do.
Encryption should be as much invisible to the users as possible.
This seems to be done on purpose, shown here: https://github.com/RocketChat/Rocket.Chat/blob/develop/packages/rocketchat-channel-settings/server/methods/saveRoomSettings.js#L76
...why? There's not that large of a difference between a private and public channel.
The text was updated successfully, but these errors were encountered: