From 018d5bbab367d07a201f78719fb3b03f5e6c07ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Commaille?= <zecakeh@tedomum.fr>
Date: Fri, 1 May 2026 09:09:24 +0200
Subject: [PATCH] Replace outdated statement that messages are not encrypted
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---
 content/client-server-api/modules/instant_messaging.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/content/client-server-api/modules/instant_messaging.md b/content/client-server-api/modules/instant_messaging.md
index a64baa25..b6066ecf 100644
--- a/content/client-server-api/modules/instant_messaging.md
+++ b/content/client-server-api/modules/instant_messaging.md
@@ -454,8 +454,7 @@ status code of 400.
 
 #### Security considerations
 
-Messages sent using this module are not encrypted, although end to end
-encryption is in development (see [E2E module](#end-to-end-encryption)).
+Messages sent using this module MAY be encrypted, see [End-to-End Encryption](#end-to-end-encryption).
 
 Clients should sanitise **all displayed keys** for unsafe HTML to
 prevent Cross-Site Scripting (XSS) attacks. This includes room names and