OTR Support #305

Open
valeriansaliou opened this Issue Aug 13, 2013 · 16 comments

Comments

@Neustradamus

This comment has been minimized.

Show comment
Hide comment
@Neustradamus

Neustradamus Jan 26, 2014

Member

It is missing in 1.0 :/

Member

Neustradamus commented Jan 26, 2014

It is missing in 1.0 :/

@v-a

This comment has been minimized.

Show comment
Hide comment
@v-a

v-a Mar 3, 2014

Hi, is this one still in the TODO list ?

v-a commented Mar 3, 2014

Hi, is this one still in the TODO list ?

@valeriansaliou

This comment has been minimized.

Show comment
Hide comment
@valeriansaliou

valeriansaliou Mar 3, 2014

Member

Nope it's not anymore

Member

valeriansaliou commented Mar 3, 2014

Nope it's not anymore

@dolanor

This comment has been minimized.

Show comment
Hide comment
@dolanor

dolanor Mar 25, 2014

Hello, why is it not in the TODO list anymore ? I think it was a great improvement for jappix. Is there an alternative technology you want to use to achieve P2P cryptography ?

dolanor commented Mar 25, 2014

Hello, why is it not in the TODO list anymore ? I think it was a great improvement for jappix. Is there an alternative technology you want to use to achieve P2P cryptography ?

@jyrihovila

This comment has been minimized.

Show comment
Hide comment
@jyrihovila

jyrihovila Apr 29, 2014

I agree with dolanor; OTR would be very useful indeed. There's a project called Converse.JS which provides an already functional example of OTR in browser, implemented in JavaScript.

I agree with dolanor; OTR would be very useful indeed. There's a project called Converse.JS which provides an already functional example of OTR in browser, implemented in JavaScript.

@GlasFrost

This comment has been minimized.

Show comment
Hide comment
@GlasFrost

GlasFrost Sep 6, 2014

I'm missing OTR, too. Please add that feature to the web chat.

I'm missing OTR, too. Please add that feature to the web chat.

@TameOfGroans

This comment has been minimized.

Show comment
Hide comment
@TameOfGroans

TameOfGroans Mar 27, 2015

Will jappix employ mpOTR for MUC? Xmpp Texting without end2end encryption is of little value.

Will jappix employ mpOTR for MUC? Xmpp Texting without end2end encryption is of little value.

@maurobonapace

This comment has been minimized.

Show comment
Hide comment
@maurobonapace

maurobonapace May 4, 2015

I agree with Off-the-record (OTR) encrypted messaging in jappix, at least in private single-user conversations, implementation wich exist for binary clients, and is well known.
mpOTR for MUC or OTR for multi-user chats doesn't exist neither for regular clients, and is now feauture cryptocat still trying to implement in its client.
XEP-0188: Cryptographic Design of Encrypted Sessions ..conceptual model for the approach specified in this document was inspired by "off-the-record" (OTR) communication..
recently has been implementented in converse.js and jsxc trough otr.js.
What I like of jappix first is its lightness, especially in the mini version, and the painless configuration of sasl anoymous login and server generated JID without a password, both other two competitors seems can't manage this very well, and the possibilty to query another user immediatly at login. Don't even have to clic, on page load conversation start.
The opporunity to start an encrypted end to end conversation jappix network servers, that often offers sasl-anonymous well configurated on server side, should be a very useful and appreciated thing indeed with this light client.
Thank You for you effort.

I agree with Off-the-record (OTR) encrypted messaging in jappix, at least in private single-user conversations, implementation wich exist for binary clients, and is well known.
mpOTR for MUC or OTR for multi-user chats doesn't exist neither for regular clients, and is now feauture cryptocat still trying to implement in its client.
XEP-0188: Cryptographic Design of Encrypted Sessions ..conceptual model for the approach specified in this document was inspired by "off-the-record" (OTR) communication..
recently has been implementented in converse.js and jsxc trough otr.js.
What I like of jappix first is its lightness, especially in the mini version, and the painless configuration of sasl anoymous login and server generated JID without a password, both other two competitors seems can't manage this very well, and the possibilty to query another user immediatly at login. Don't even have to clic, on page load conversation start.
The opporunity to start an encrypted end to end conversation jappix network servers, that often offers sasl-anonymous well configurated on server side, should be a very useful and appreciated thing indeed with this light client.
Thank You for you effort.

@valeriansaliou

This comment has been minimized.

Show comment
Hide comment
@valeriansaliou

valeriansaliou Nov 20, 2015

Member

Planned ASAP 🍺

Member

valeriansaliou commented Nov 20, 2015

Planned ASAP 🍺

@marxistvegan marxistvegan referenced this issue in movim/movim Nov 20, 2015

Closed

Add OMEMO encryption [$100] #63

@valeriansaliou

This comment has been minimized.

Show comment
Hide comment
@valeriansaliou

valeriansaliou Nov 21, 2015

Member

Considering implementing OMEMO rather, as it is more XMPP-ish + enables multi-device message synchronization.

See: http://conversations.im/omemo/

Member

valeriansaliou commented Nov 21, 2015

Considering implementing OMEMO rather, as it is more XMPP-ish + enables multi-device message synchronization.

See: http://conversations.im/omemo/

@dolanor

This comment has been minimized.

Show comment
Hide comment
@dolanor

dolanor Nov 25, 2015

I use Signal a lot, and I think Axolotl is a great idea. Totally for using this on top of xmpp. And the multi device is a real issue. Great that it tackles with it.

dolanor commented Nov 25, 2015

I use Signal a lot, and I think Axolotl is a great idea. Totally for using this on top of xmpp. And the multi device is a real issue. Great that it tackles with it.

@maurobonapace

This comment has been minimized.

Show comment
Hide comment
@maurobonapace

maurobonapace Dec 25, 2015

There is no omemo javascript implementation at this time, omemo aim to securely identify devices to obtain multi end point delivery.

The "issue" here is end to end encryption, which has some limitation in offline delivery.

Axolotl aims to solve offline delivery but not in the js implementation at the moment, through history syncronization (in regular clients not in a browser window).

So, here I hoped to get at least some kind of "old" e2e encryption that didn't come.

Now what are you promising? offline encrypted messages? or multi end points? that doesn't exist neither in binary clients (ok offline can be achieved through PGP as usual but not through OTR implementation loosing perfect forward secrecy and deniability), history sync is server dependant and many servers don't store offline messages for security purpose.

I really hope you stick with e2e encryption and eventually the possibility to decrypt offline messages sent with jappix and recieved in a regular client. (do you really want to solve an offline e2e encrypted message recieved by a js client offering perfect forward secrecy and deniabilty? in javascript?)

but for now no encryption.

sorry.

There is no omemo javascript implementation at this time, omemo aim to securely identify devices to obtain multi end point delivery.

The "issue" here is end to end encryption, which has some limitation in offline delivery.

Axolotl aims to solve offline delivery but not in the js implementation at the moment, through history syncronization (in regular clients not in a browser window).

So, here I hoped to get at least some kind of "old" e2e encryption that didn't come.

Now what are you promising? offline encrypted messages? or multi end points? that doesn't exist neither in binary clients (ok offline can be achieved through PGP as usual but not through OTR implementation loosing perfect forward secrecy and deniability), history sync is server dependant and many servers don't store offline messages for security purpose.

I really hope you stick with e2e encryption and eventually the possibility to decrypt offline messages sent with jappix and recieved in a regular client. (do you really want to solve an offline e2e encrypted message recieved by a js client offering perfect forward secrecy and deniabilty? in javascript?)

but for now no encryption.

sorry.

@incredulity

This comment has been minimized.

Show comment
Hide comment
@incredulity

incredulity Apr 6, 2016

@valeriansaliou

Considering implementing OMEMO

Yes, I would greatly appreciate this over mpOTR and OTR.

@valeriansaliou

Considering implementing OMEMO

Yes, I would greatly appreciate this over mpOTR and OTR.

@aslmx

This comment has been minimized.

Show comment
Hide comment
@aslmx

aslmx Feb 22, 2018

After almost 2 years... any news on OMEMO?
See also: https://omemo.top/
more and more clients add it...

aslmx commented Feb 22, 2018

After almost 2 years... any news on OMEMO?
See also: https://omemo.top/
more and more clients add it...

@Eijebong

This comment has been minimized.

Show comment
Hide comment
@Eijebong

Eijebong Feb 22, 2018

@aslmx Jappix isn't maintained anymore ;)

@aslmx Jappix isn't maintained anymore ;)

@aslmx

This comment has been minimized.

Show comment
Hide comment
@aslmx

aslmx Feb 26, 2018

ah. Good to know. Thanks for the info...

aslmx commented Feb 26, 2018

ah. Good to know. Thanks for the info...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment