Jitsi Security e2ee enable by default


Is there any configuration to enable e2ee by default?

I have set up my own Jitsi server.
I do not want to record or make communication using SIP but the communication will be through the browser only. And mostly between two participants. If this is not available currently then will it be implemented in near future?

1 Like

There is no option at the moment to enable e2ee by default in a meeting.

The idea is to use e2ee to double encrypt the traffic when you are on a public deployments like meet.jit.si, where you don’t own the whole path of the media.

If you have deployed your own server, you have access to the videobridge, so you own the path of the media and the media is already encrypted.

Thanks @damencho

I understood the same. But how this media is encrypted? with which algorithm and how I can make sure for the same. Can you please give any reference documentation for the same?

Just search for webrtc security
For example: https://webrtc-security.github.io/

@damencho I agree with @Ketan_Bhavsar that having the option to turn on e2ee by default would be a great security enhancement.

I know that e2ee is still WIP but giving us self-hosters the ability to enforce e2ee as default would be a great security improvement, specially if all our users have to use the electron app so there’s no question of e2ee not being available because someone is on safari or firefox.

Is this on the roadmap? Thoughts?


@Peter_Villeneuve you’re aware that turning on E2EE disables server-side services (recording, livestreaming, phone participation)? That’s a reason not to have it turned on by default.

Yes I’m aware thanks.

We each have different use cases which is why I self-host.
One size does not fit all

Exactly. And the very reason why E2EE should NOT be turned on by default. Your use case is very specific; you can argue for it, but you can’t presume the majority of users would want that (hence a default setting).

That’s why I ask for it to be an option, like many other settings that can be configured in jitsi-meet