Https vs e2e

Hi,

I’m wondering if end to end encryption isn’t enabled (cause it’s not compatible with all devices/browsers), how secure is Jitsi? I understand that https is also enabled during a Jitsi meeting, so what are the advantages of e2e over https?

Best regards,

Gaferti

You can read more here: https://jitsi.org/security and here https://jitsi.org/e2ee

All data(signaling and media) is encrypted while traveling over the Internet. E2EE is about media it has nothing to do with https.
SFU(the videobridge) works by encrypting the channel to every hop, so it basically extracts the data from one channel and forwards it to another and encrypting again before sending to the network, and this is done in real time.
If you don’t trust the environment where the bridge is running you have two options: deploy it yourself or use e2ee. E2EE adds another layer of encryption, and the video bridge even if wants cannot get access to it, even if somehow it is saved, that is encrypted and is garbage.

1 Like

Thanks. That’s indeed the info I was looking for.