Continuing the discussion from IM/RTC: Perfect Forward Secrecy Requirement:
We should figure out how exactly to do this and consider documenting it on the site, according to Matthew it should be possible to set the session duration to 1, possibly with a custom
m.room.encryption state upon room creation? I also just found out that it doesn’t even seem like Matrix.org knows whether this is possible in existing rooms:
The other thing we should probably document is the default session length. I read it was 100 messages but I’m not totally sure, but that would mean that Matrix provides forward secrecy, just in batches of 100 messages instead of per-message, which is still probably better than alternatives which lack forward secrecy in any form.