Skip to content
This repository has been archived by the owner on Jan 24, 2018. It is now read-only.

Gibber Sprint 1 Spec December 2010

Jump to bottom
djhalliday edited this page Dec 9, 2010 · 2 revisions

#Gibber Sprint 1 – December 2010

The current development version of Gibber serves mainly as a proof of concept for OTR integration with the standard Android XMPP chat application. It provides basic functionality including contact list loading, presence updates and functional (though not very usable) key exchange and conversation encryption.

##Sprint Goals: The goal of Gibber Sprint 1 is to complete a beta version of the product and provide usable, clear functionality for the basics of OTR-encrypted mobile chat over XMPP, including the following features:

  • Single XMPP account registration & usage
  • Application introduction / copy
  • Account setup flow
  • Improved UI for key exchange
  • Secure session verification
  • Local application data encryption

From an application architecture perspective, the goals of Sprint 1 include:

  • XMPP support only
  • XMPP support only
  • General application clean-up
  • Moving OTR code from XmppConnection to IM UI/view

##Specs: In the interests of minimizing needless documentation, the following specs are not meant to cover every possible use case for Gibber Sprint 1. Instead they represent the core user stories for the features described above.

###Application Introduction / Copy #16

Description: Basic application introduction and description of what the application does and does not do. Provides a framework to prompt user for application-level passphrase [another Sprint 1 feature].

###Account Setup Flow #18

Surfaces basic account-level preferences in a step-by-step process, including basic login information, personal information and account cache’ing. Provides a framework for the user to set account encryption settings (likely a Sprint 2 feature).

###Improved UI for Key Exchange - #20,#1 The current development version of Gibber supports basic OTR key exchange, but in a manner that is not usable / clear. The intent of this feature is to enhance the User Experience for key exchange – for both contact-initiated and self-initiated secure sessions. This includes providing visual indications within the active chat UI to indicate the secure status of a given conversation (secure or not).

###Secure Session Verification - #10 Once a secure chat session has been initiated it currently isn’t possible to verify or view the OTR keys if the user switches to another window and switches back. This feature provides a contextual chat menu option to verify a secure session.

###Local Application Data Encryption - #17 Provide the capability to locally encrypt Gibber application data - including account information and conversation histories – with a user-configured passphrase. Should use PBKDF2 or similar to derive an encryption key from passphrase to resist brute-force attacks. We’ve discussed SQLcipher (http://sqlcipher.net/) as a possible technical solution for this feature. See Application Introduction / Copy above for related mockups.

Clone this wiki locally