From 962ec1b9a0b44661e46acf81e867e81e87d53038 Mon Sep 17 00:00:00 2001 From: metamuffin Date: Fri, 9 Sep 2022 19:18:42 +0200 Subject: watch-builder can be replace with `deno bundle --watch` --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'readme.md') diff --git a/readme.md b/readme.md index 145dd98..77af7e9 100644 --- a/readme.md +++ b/readme.md @@ -22,7 +22,7 @@ GNU Affero General Public License version 3 only; See [COPYING](./COPYING). keks-meet _tries_ to be secure. However I am not a security expert. The current system works as follows: - The room name is set in the section of the URL (-> not sent to the server) -- The server receives a salted hash of the room name to group client of a room +- The server receives a salted SHA-256 hash of the room name to group client of a room - We use PBKDF2 (constant salt; 250000 iterations) to derive a 256-bit AES-GCM key - All relayed message contents are encrypted with this key. - Message recipient is visible to the server -- cgit v1.2.3-70-g09d2