Raphael Robert
@raphaelrobert.bsky.social
Privacy. Security. Research.
MLS co-author, working in secure messaging at @phoenixrd.bsky.social.
MLS co-author, working in secure messaging at @phoenixrd.bsky.social.
Reposted by Raphael Robert
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
Making MLS more decentralized
It’s no secret that we at Phoenix R&D are big fans of the Messaging Layer Security (MLS) protocol, having helped it to come into existence. It’s a versatile group key agreement and messaging protocol ...
blog.phnx.im
October 29, 2025 at 9:36 AM
We made MLS more decentralized! We are excited to share DMLS that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
This work was made possible by @equalitie.bsky.social, who funded it as part of the Breakout program.
Reposted by Raphael Robert
Die Stimmen gegen die #Chatkontrolle werden mehr und lauter. Nun hagelt es deutliche Kritik aus der Wirtschaft. Zudem warnen der Deutsche Journalistenverband und der Anwaltverein vor einer Überwachungsinfrastruktur, die schnell ausgebaut werden könnte.
netzpolitik.org/2025/eu-uebe...
netzpolitik.org/2025/eu-uebe...
EU-Überwachungspläne in der Kritik: Wirtschaftsverbände Bitkom und eco klar gegen Chatkontrolle
Die Stimmen gegen die Chatkontrolle werden mehr und lauter. Nun hagelt es deutliche Kritik aus der Wirtschaft. Zudem warnen der Deutsche Journalistenverband und der Anwaltverein vor einer Überwachungs...
netzpolitik.org
October 7, 2025 at 5:58 AM
Die Stimmen gegen die #Chatkontrolle werden mehr und lauter. Nun hagelt es deutliche Kritik aus der Wirtschaft. Zudem warnen der Deutsche Journalistenverband und der Anwaltverein vor einer Überwachungsinfrastruktur, die schnell ausgebaut werden könnte.
netzpolitik.org/2025/eu-uebe...
netzpolitik.org/2025/eu-uebe...
Reposted by Raphael Robert
🚨 Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Unser Brandbrief zur geplanten Chatkontrolle – eine Gefährdung der digitalen Sicherheit Deutschlands | Phoenix R&D
🚨Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Die Sicherheit von sicheren Messenger-Diensten ...
www.linkedin.com
October 6, 2025 at 8:02 PM
🚨 Der Gesetzentwurf zur #Chatkontrolle sieht vor, dass digitale Kommunikation einschließlich verschlüsselter Nachrichten und Fotos gescannt werden soll.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
Wir haben uns an die deutsche Bundesregierung gewandt, sich am 14. Oktober gegen den Gesetzesvorschlag der Chatkontrolle auszusprechen.
LinkedIn annonced that it will use your data to train AI models, and craftily chose to use an opt-out mechanism. Deactivate this in your settings now, of you don’t want to give away your content.
September 18, 2025 at 3:09 PM
LinkedIn annonced that it will use your data to train AI models, and craftily chose to use an opt-out mechanism. Deactivate this in your settings now, of you don’t want to give away your content.
As an ex head of security of an end-to-end encrypting messenger I can relate
www.theguardian.com/technology/2...
www.theguardian.com/technology/2...
Ex-WhatsApp cybersecurity head says Meta endangered billions of users in new suit
Attaullah Baig, fired this year, said he had warned Mark Zuckerberg engineers had unaudited access to user data
www.theguardian.com
September 8, 2025 at 9:18 PM
As an ex head of security of an end-to-end encrypting messenger I can relate
www.theguardian.com/technology/2...
www.theguardian.com/technology/2...
Reposted by Raphael Robert
There's an article making the rounds with the provocative title "MLS: The Naked King of End-to-End Encryption". It needs some rebuttal.
www.poberezkin.com/posts/2025-0...
tl;dr - MLS is fine. This is a misunderstanding about modularity.
www.poberezkin.com/posts/2025-0...
tl;dr - MLS is fine. This is a misunderstanding about modularity.
MLS: The Naked King of End-to-End Encryption
Evgeny Poberezkin's blog
www.poberezkin.com
August 28, 2025 at 5:09 PM
There's an article making the rounds with the provocative title "MLS: The Naked King of End-to-End Encryption". It needs some rebuttal.
www.poberezkin.com/posts/2025-0...
tl;dr - MLS is fine. This is a misunderstanding about modularity.
www.poberezkin.com/posts/2025-0...
tl;dr - MLS is fine. This is a misunderstanding about modularity.
Not long ago, someone (who is likely the founder of SimpleX Chat) wrote a blog post about MLS that contained a pretty blatant factual mistake about MLS' authentication, including an alleged lack of security. Thankfully, @soatok.bsky.social took the time to debunk that: soatok.blog/2025/08/25/b...
Barking Up The Ratchet Tree – MLS Is Neither Royal Nor Nude - Dhole Moments
One of the first rules you learn about technical writing is, “Know your audience.” But often, this sort of advice is given without sufficient weight or practical examples. Instead, you&…
soatok.blog
August 25, 2025 at 4:43 PM
Not long ago, someone (who is likely the founder of SimpleX Chat) wrote a blog post about MLS that contained a pretty blatant factual mistake about MLS' authentication, including an alleged lack of security. Thankfully, @soatok.bsky.social took the time to debunk that: soatok.blog/2025/08/25/b...
I had to see for myself
August 8, 2025 at 7:25 AM
I had to see for myself
Reposted by Raphael Robert
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Combining TLS and MLS: An experiment
We did a thing. We combined TLS and MLS into a hybrid protocol. Of course, when things get serious, full names are in order: We combined the Transport Layer Security protocol and the Messaging Layer S...
blog.phnx.im
July 2, 2025 at 8:06 AM
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
We really did do a thing.
We did a thing. We combined TLS and MLS into a hybrid protocol.
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Why? Because sometimes you need connections that last for weeks, quantum-resistant security, or simpler certificates.
The experiment is open-source. Here's the story 👇
Combining TLS and MLS: An experiment
We did a thing. We combined TLS and MLS into a hybrid protocol. Of course, when things get serious, full names are in order: We combined the Transport Layer Security protocol and the Messaging Layer S...
blog.phnx.im
July 2, 2025 at 8:11 AM
We really did do a thing.
Reposted by Raphael Robert
We are #hiring a Freelance Junior Product Manager to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
Phoenix R&D (Remote): Freelance Junior Product Manager (all genders, part-time)
Phoenix R&D GmbH has a remote job opening for Freelance Junior Product Manager (all genders, part-time) (published: 15.05.2025). Apply now or check the other available jobs.
join.com
May 15, 2025 at 9:51 AM
We are #hiring a Freelance Junior Product Manager to help us build the next generation of private & secure messaging.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
If you’re interested in joining our team, please apply today!
For friends of secure messaging 🥷, please share our post with potential candidates.
Happy to announce that I’ll be speaking at @passthesaltcon.bsky.social on July 2nd!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
May 14, 2025 at 8:08 AM
Happy to announce that I’ll be speaking at @passthesaltcon.bsky.social on July 2nd!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
I’ll discuss end-to-end encryption with MLS, the growing MLS ecosystem, the MIMI IETF working group, and metadata protection.
It’s my first time attending, and I look forward to connecting with the French community!
Reposted by Raphael Robert
The idea that you can just “teach computer science” and be apolitical is a beautiful dream that expired in the 2000s, at the latest. Computer science has re-organized every facet of our society: it is inherently political. Instead of taking this idea seriously, we ran from it. Now we live in hell.
May 3, 2025 at 3:27 PM
The idea that you can just “teach computer science” and be apolitical is a beautiful dream that expired in the 2000s, at the latest. Computer science has re-organized every facet of our society: it is inherently political. Instead of taking this idea seriously, we ran from it. Now we live in hell.
Hey Google designers, are we sure about this new layout logo in Google Meet?
The negative space around the boxes reminds me of something.
The negative space around the boxes reminds me of something.
April 30, 2025 at 10:21 AM
Hey Google designers, are we sure about this new layout logo in Google Meet?
The negative space around the boxes reminds me of something.
The negative space around the boxes reminds me of something.
The MLS Architecture document – the companion document to the MLS Protocol document – is now finally available as RFC 9750:
www.rfc-editor.org/info/rfc9750
www.rfc-editor.org/info/rfc9750
Information on RFC 9750 » RFC Editor
www.rfc-editor.org
April 22, 2025 at 9:08 PM
The MLS Architecture document – the companion document to the MLS Protocol document – is now finally available as RFC 9750:
www.rfc-editor.org/info/rfc9750
www.rfc-editor.org/info/rfc9750
And so it begins, BlueSky complies with censorship requests of an authoritarian regime
April 17, 2025 at 12:11 PM
And so it begins, BlueSky complies with censorship requests of an authoritarian regime
MLS is efficient, but what does that mean in practice?
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
arxiv.org
February 27, 2025 at 12:18 AM
MLS is efficient, but what does that mean in practice?
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
This paper sheds some light on the question by building a test framework for OpenMLS.
arxiv.org/pdf/2502.18303
… and now it looks like Apple caved, while Google didn’t: www.forbes.com/sites/zakdof...
February 25, 2025 at 1:04 PM
… and now it looks like Apple caved, while Google didn’t: www.forbes.com/sites/zakdof...
The SCW podcast team does it again and breaks down a newish, complex and alarming topic into palatable and informative pieces. Excellent questions from @durumcrustulum.com and @dadrian.io expertly answered by @josephhall.org and @matthewdgreen.bsky.social.
Listen to it if you have time!
Listen to it if you have time!
NEW EPISODE!
Apple did something very un-Apple-y by pulling its Advanced Data Protection encryption for iCloud in the UK. We're joined by @matthewdgreen.bsky.social and @joebeone.techpolicy.social to discuss the ramifications:
youtu.be/LAn_yOGUkR0
podcasts.apple.com/us/podcast/a...
Apple did something very un-Apple-y by pulling its Advanced Data Protection encryption for iCloud in the UK. We're joined by @matthewdgreen.bsky.social and @joebeone.techpolicy.social to discuss the ramifications:
youtu.be/LAn_yOGUkR0
podcasts.apple.com/us/podcast/a...
Apple Pulls Advanced Data Protection in the UK with Matt Green and Joe Hall
YouTube video by Security Cryptography Whatever
youtu.be
February 25, 2025 at 7:37 AM
The SCW podcast team does it again and breaks down a newish, complex and alarming topic into palatable and informative pieces. Excellent questions from @durumcrustulum.com and @dadrian.io expertly answered by @josephhall.org and @matthewdgreen.bsky.social.
Listen to it if you have time!
Listen to it if you have time!
We proudly signed this too. Always push back.
Proud to have signed this. Let's push back against backdoors and the weakening of encryption.
I'm proud to be among 107+ security experts and organizations calling on the UK Home Office to abandon its push for backdoors into encrypted services. Weakening encryption puts everyone at risk. Read the letter and join the fight for digital security.
February 14, 2025 at 10:50 AM
We proudly signed this too. Always push back.
I love that @kagi.com now uses Privacy Pass.
It would have been nice to get some credit since your "own implementation" looks like a wrapper around my implementation.
blog.kagi.com/kagi-privacy...
It would have been nice to get some credit since your "own implementation" looks like a wrapper around my implementation.
blog.kagi.com/kagi-privacy...
Introducing Privacy Pass authentication for Kagi Search | Kagi Blog
Today we are announcing a new privacy feature coming to Kagi Search.
blog.kagi.com
February 14, 2025 at 7:54 AM
I love that @kagi.com now uses Privacy Pass.
It would have been nice to get some credit since your "own implementation" looks like a wrapper around my implementation.
blog.kagi.com/kagi-privacy...
It would have been nice to get some credit since your "own implementation" looks like a wrapper around my implementation.
blog.kagi.com/kagi-privacy...
Another example of how legal interception of private communication cannot be limited to the “good guys”:
www.cisa.gov/news-events/...
www.cisa.gov/news-events/...
Joint Statement from FBI and CISA on the People's Republic of China (PRC) Targeting of Commercial Telecommunications Infrastructure | CISA
www.cisa.gov
November 18, 2024 at 10:07 AM
Another example of how legal interception of private communication cannot be limited to the “good guys”:
www.cisa.gov/news-events/...
www.cisa.gov/news-events/...
Hey new followers! I hope this will become what Twitter once was – it's already starting to feel that way. Looking forward to better conversations!
PS: Mastodon is still as valid as it was before.
PS: Mastodon is still as valid as it was before.
November 17, 2024 at 3:35 PM
Hey new followers! I hope this will become what Twitter once was – it's already starting to feel that way. Looking forward to better conversations!
PS: Mastodon is still as valid as it was before.
PS: Mastodon is still as valid as it was before.