Friendly reminder that meet.jit.si is not end-to-end encrypted. So, unless hosting your own instance, using the website or the videoconference integration in Riot means your conversation is routed through an Atlassian-owned server.
Yes, that is correct (except the Atlassian bit, we are owned by 8x8 now).
Currently WebRTC does not provide the necessary tools to make E2EE possible while still being able to use smart video routing techniques such as simulcast and SVC.
There is hope! In order to be able to have E2EE 2 things are needed:
* some metadata must be available without decrypting packets, this is (mostly?) available as RTP packet extensions, called "frame markings"
* an API is necessary to be able to inject one's own encrypting engine in the WebRTC chain, Google is working on this API and hopefully it's available later in the year. Google is calling this "insertable streams": https://www.chromestatus.com/feature/6321945865879552
Worth noting that Riot can be configured to use any jitsi instance, the default option is jitsi.riot.im which is hosted by New Vector on behalf of the Matrix.org Foundation.
To be accurate: no tool that relies on webrtc is end-to-end encrypted. So, no, it isn't. It is encrypted on the wire, just like the other tools mentioned here.
He says that video/audio in calls are end-to-end encrypted when the server is using the default PHP backend, but not the high-performance backend (an optional paid and proprietary enterprise upgrade).
> video/audio is already end-to-end encrypted
> By default with the internal signaling backend audio/video calls (no matter if 1:1 or group) are end-to-end encrypted.
> and without the HPB its always paar-to-peer [sic] and therefor end-to-end encrypted.
> Chat is currently not end-to-end encrypted, only the audio/video of calls are.
Someone mentioned Jitsi's statement and the developer responded:
>> But I don't understand why the Jitsi people write, "WebRTC today does not provide away of conducting multiparty conversations with end-to-end encryption."
That would only be true if I decided to use an additional HPB solution, wouldn't it? But not out of the box.
> Exactly, I guess for better user experience and performance they have a SFU or MCU in place (our HPB is an SFU), and therefor it stops being end-to-end encrypted
Last time I tried it like half a year ago, NextCloud talk was unstable and didn't have any decent client software, it was literally useless to me. I hope they make it better.
As others have pointed out, we use jitsi.riot.im, which is provided by New Vector (the company behind Riot) rather than anything to do with Atlassian/Jitsi/8x8.
See https://github.com/jitsi/jitsi-meet/issues/409#issuecomment-....