xmpp.dk/website
1
0
Fork 0
Code Issues Releases Activity

Document support for OMEMO & OpenPGP, add blogpost

Browse source
This commit is contained in:
Jesper Hess 2017-01-22 13:56:01 +01:00
parent 85dd36a1bf
commit 93a6fedc01
Signed by: graffen
GPG key ID: 351A89E40D763F0F
2 changed files with 30 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
_pages/01_connect.md
View file

@ -26,11 +26,17 @@ Simply add _username_@xmpp.dk in your client and click “register” or check t
The connection between your client and xmpp.net is encrypted using TLS. The server requires TLS connections to other XMPP servers.
This means that if you can't connect to a friend, their provider is not configured to use TLS and the xmpp.dk server will refuse the connection. Your friend
should either convince their provider to enable TLS server-to-server connections, or switch to a provider that has proper encrypted transport support.
Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client.
Since you can't (and shouldn't) trust your xmpp server, I require you always enable secure end-to-end encryption in your chat client. Supported modes are:
* [Off-The-Record (OTR)][off-the-record]
* [OMEMO][omemo]
* GPG
This will give you end-to-end encrypted chat that cannot be decrypted while in transit and, depending on the settings of your client, will not be logged on your local machine.
## Federation
xmpp.dk allows federated connections to all other *S2S TLS-enabled Jabber servers* so you can chat with anyone that has a Jabber account as long as their provider supports TLS and is configured correctly.
[jabber-clients]: https://xmpp.org/software/clients.html
[off-the-record]: https://otr.cypherpunks.ca/
[off-the-record]: https://otr.cypherpunks.ca/
[omemo]:https://conversations.im/omemo/

22
_posts/2017-01-22-support-for-omemo.md Normal file
View file

@ -0,0 +1,22 @@
---
title: OMEMO, OTR and GPG suppprt
layout: post
---
The XMPP foundation has begun standardizing the [OMEMO end-to-end encryption protocol][omemo-xep]. Therefore,
I decided it would be a good time to include support for this interesting new protocol on the xmpp.dk server.
In practice, this means I have installed a new plugin, mod_e2e_policy, which enables support for the three major
e2e encryption standards on XMPP nowadays, namely OTR (which you already know quite well), OMEMO and OpenPGP/GPG.
OMEMO provides several advantages over OTR. Among other things, it supports offline messages, group chats (which means
I can also start looking into enabling MUC conferences on the server at some point) and also it does away with
user-based fingerprints and instead uses device-based keys. This is especially useful if you're connected on multiple
devices simultaneously. As you know, this was problematic with OTR, but with OMEMO you can get end-to-end encryption
on all of your devices and hopefully never lose a message.
As always, if you have any trouble or want to ask questions, you can always [contact me directly](/contact/) over Jabber
or you can reach out on our [Twitter][twitter].
[omemo-xep]:https://conversations.im/omemo/
[twitter]:https://twitter.com/xmppdk