Document support for OMEMO & OpenPGP, add blogpost
parent 85dd36a1bf
commit 93a6fedc01
|
@ -26,7 +26,12 @@ Simply add _username_@xmpp.dk in your client and click “register” or check t
|
||||||
The connection between your client and xmpp.net is encrypted using TLS. The server requires TLS connections to other XMPP servers.
|
The connection between your client and xmpp.net is encrypted using TLS. The server requires TLS connections to other XMPP servers.
|
||||||
This means that if you can't connect to a friend, their provider is not configured to use TLS and the xmpp.dk server will refuse the connection. Your friend
|
This means that if you can't connect to a friend, their provider is not configured to use TLS and the xmpp.dk server will refuse the connection. Your friend
|
||||||
should either convince their provider to enable TLS server-to-server connections, or switch to a provider that has proper encrypted transport support.
|
should either convince their provider to enable TLS server-to-server connections, or switch to a provider that has proper encrypted transport support.
|
||||||
Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client.
|
Since you can't (and shouldn't) trust your xmpp server, I require you always enable secure end-to-end encryption in your chat client. Supported modes are:
|
||||||
|
|
||||||
|
* [Off-The-Record (OTR)][off-the-record]
|
||||||
|
* [OMEMO][omemo]
|
||||||
|
* GPG
|
||||||
|
|
||||||
This will give you end-to-end encrypted chat that cannot be decrypted while in transit and, depending on the settings of your client, will not be logged on your local machine.
|
This will give you end-to-end encrypted chat that cannot be decrypted while in transit and, depending on the settings of your client, will not be logged on your local machine.
|
||||||
|
|
||||||
## Federation
|
## Federation
|
||||||
|
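Review bot: The new `* GPG` list item is the only one of the three modes without a reference link, and its name differs from the commit message and the accompanying post, which say OpenPGP. Consider naming it consistently and linking it the same way as the OTR and OMEMO entries, with a matching reference definition at the bottom of the file. The rewritten sentence says "I require you always enable secure end-to-end encryption", but nothing in this file tells the user whether the server enforces that or what happens to an unencrypted message; one sentence on the actual behaviour would help. While this paragraph is being touched: the unchanged context lines say "xmpp.net" where the rest of the page says xmpp.dk.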
@ -34,3 +39,4 @@ xmpp.dk allows federated connections to all other *S2S TLS-enabled Jabber server
|
||||||
|
|
||||||
[jabber-clients]: https://xmpp.org/software/clients.html
|
[jabber-clients]: https://xmpp.org/software/clients.html
|
||||||
[off-the-record]: https://otr.cypherpunks.ca/
|
[off-the-record]: https://otr.cypherpunks.ca/
|
||||||
|
[omemo]:https://conversations.im/omemo/
|
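Review bot: The added `[omemo]:https://conversations.im/omemo/` definition has no space after the colon, unlike the `[jabber-clients]: ` and `[off-the-record]: ` definitions directly above it. Add the space so the reference block stays consistent.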
22
_posts/2017-01-22-support-for-omemo.md
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
---
|
||||||
|
title: OMEMO, OTR and GPG suppprt
|
||||||
|
layout: post
|
||||||
|
---
|
||||||
|
The XMPP foundation has begun standardizing the [OMEMO end-to-end encryption protocol][omemo-xep]. Therefore,
|
||||||
|
I decided it would be a good time to include support for this interesting new protocol on the xmpp.dk server.
|
||||||
|
|
||||||
|
In practice, this means I have installed a new plugin, mod_e2e_policy, which enables support for the three major
|
||||||
|
e2e encryption standards on XMPP nowadays, namely OTR (which you already know quite well), OMEMO and OpenPGP/GPG.
|
||||||
|
|
||||||
|
OMEMO provides several advantages over OTR. Among other things, it supports offline messages, group chats (which means
|
||||||
|
I can also start looking into enabling MUC conferences on the server at some point) and also it does away with
|
||||||
|
user-based fingerprints and instead uses device-based keys. This is especially useful if you're connected on multiple
|
||||||
|
devices simultaneously. As you know, this was problematic with OTR, but with OMEMO you can get end-to-end encryption
|
||||||
|
on all of your devices and hopefully never lose a message.
|
||||||
|
|
||||||
|
As always, if you have any trouble or want to ask questions, you can always [contact me directly](/contact/) over Jabber
|
||||||
|
or you can reach out on our [Twitter][twitter].
|
||||||
|
|
||||||
|
|
||||||
|
[omemo-xep]:https://conversations.im/omemo/
|
||||||
|
[twitter]:https://twitter.com/xmppdk
|
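Review bot: The front-matter `title: OMEMO, OTR and GPG suppprt` has a typo ("suppprt") that will be published as the post title. The `[omemo-xep]` reference resolves to https://conversations.im/omemo/, the same target as `[omemo]` in the other file, although the link text is about the standardization of the protocol; either point it at the specification itself or rename the label so it does not promise a XEP. The post says mod_e2e_policy "enables support" for the three standards but does not say what policy the module applies to users' messages; since the documentation change in this commit states encryption is required, the post should say whether that is enforced.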