Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OTR Support #305

Open
valeriansaliou opened this issue Aug 13, 2013 · 16 comments
Open

OTR Support #305

valeriansaliou opened this issue Aug 13, 2013 · 16 comments
Assignees

Comments

@valeriansaliou
Copy link
Member

@valeriansaliou valeriansaliou commented Aug 13, 2013

@Neustradamus
Copy link
Member

@Neustradamus Neustradamus commented Jan 26, 2014

It is missing in 1.0 :/

@v-a
Copy link

@v-a v-a commented Mar 3, 2014

Hi, is this one still in the TODO list ?

@valeriansaliou
Copy link
Member Author

@valeriansaliou valeriansaliou commented Mar 3, 2014

Nope it's not anymore

@dolanor
Copy link

@dolanor dolanor commented Mar 25, 2014

Hello, why is it not in the TODO list anymore ? I think it was a great improvement for jappix. Is there an alternative technology you want to use to achieve P2P cryptography ?

@jyrihovila
Copy link

@jyrihovila jyrihovila commented Apr 29, 2014

I agree with dolanor; OTR would be very useful indeed. There's a project called Converse.JS which provides an already functional example of OTR in browser, implemented in JavaScript.

@GlasFrost
Copy link

@GlasFrost GlasFrost commented Sep 6, 2014

I'm missing OTR, too. Please add that feature to the web chat.

@TameOfGroans
Copy link

@TameOfGroans TameOfGroans commented Mar 27, 2015

Will jappix employ mpOTR for MUC? Xmpp Texting without end2end encryption is of little value.

@ghost
Copy link

@ghost ghost commented May 4, 2015

I agree with Off-the-record (OTR) encrypted messaging in jappix, at least in private single-user conversations, implementation wich exist for binary clients, and is well known.
mpOTR for MUC or OTR for multi-user chats doesn't exist neither for regular clients, and is now feauture cryptocat still trying to implement in its client.
XEP-0188: Cryptographic Design of Encrypted Sessions ..conceptual model for the approach specified in this document was inspired by "off-the-record" (OTR) communication..
recently has been implementented in converse.js and jsxc trough otr.js.
What I like of jappix first is its lightness, especially in the mini version, and the painless configuration of sasl anoymous login and server generated JID without a password, both other two competitors seems can't manage this very well, and the possibilty to query another user immediatly at login. Don't even have to clic, on page load conversation start.
The opporunity to start an encrypted end to end conversation jappix network servers, that often offers sasl-anonymous well configurated on server side, should be a very useful and appreciated thing indeed with this light client.
Thank You for you effort.

@valeriansaliou
Copy link
Member Author

@valeriansaliou valeriansaliou commented Nov 20, 2015

Planned ASAP 🍺

@valeriansaliou
Copy link
Member Author

@valeriansaliou valeriansaliou commented Nov 21, 2015

Considering implementing OMEMO rather, as it is more XMPP-ish + enables multi-device message synchronization.

See: http://conversations.im/omemo/

@dolanor
Copy link

@dolanor dolanor commented Nov 25, 2015

I use Signal a lot, and I think Axolotl is a great idea. Totally for using this on top of xmpp. And the multi device is a real issue. Great that it tackles with it.

@ghost
Copy link

@ghost ghost commented Dec 25, 2015

There is no omemo javascript implementation at this time, omemo aim to securely identify devices to obtain multi end point delivery.

The "issue" here is end to end encryption, which has some limitation in offline delivery.

Axolotl aims to solve offline delivery but not in the js implementation at the moment, through history syncronization (in regular clients not in a browser window).

So, here I hoped to get at least some kind of "old" e2e encryption that didn't come.

Now what are you promising? offline encrypted messages? or multi end points? that doesn't exist neither in binary clients (ok offline can be achieved through PGP as usual but not through OTR implementation loosing perfect forward secrecy and deniability), history sync is server dependant and many servers don't store offline messages for security purpose.

I really hope you stick with e2e encryption and eventually the possibility to decrypt offline messages sent with jappix and recieved in a regular client. (do you really want to solve an offline e2e encrypted message recieved by a js client offering perfect forward secrecy and deniabilty? in javascript?)

but for now no encryption.

sorry.

@incredulity
Copy link

@incredulity incredulity commented Apr 6, 2016

@valeriansaliou

Considering implementing OMEMO

Yes, I would greatly appreciate this over mpOTR and OTR.

@aslmx
Copy link

@aslmx aslmx commented Feb 22, 2018

After almost 2 years... any news on OMEMO?
See also: https://omemo.top/
more and more clients add it...

@Eijebong
Copy link

@Eijebong Eijebong commented Feb 22, 2018

@aslmx Jappix isn't maintained anymore ;)

@aslmx
Copy link

@aslmx aslmx commented Feb 26, 2018

ah. Good to know. Thanks for the info...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
10 participants
You can’t perform that action at this time.