@Qqwy: Ok, thx - here I summarize all info:
- HTTPS, WSS protocols are configurable
- WSS is already provided in above protocols
- PFS is configurable too and need more attention (ciphers, SSL version)
- E2EE - to setup this we need choose algorithm(s) to generate, export, import, encrypt and decrypt for Web Cryptography API; time between generate new keys depends on what is used in application
Mozilla wiki article describes SSL configuration and splits it by client support.
SSL configuration could be set in standard nginx way or in cowboy/phoenix configuration.
An examples of using Web Cryptography API
