Add OMEMO encryption [$100]

[cart]

I haven't seen end to end encryption mentioned anywhere. For an organization claiming "Our first aim is to protect your privacy" this seems like an important feature. Have you considered implementing XEP-0027? Conversations (the android app) supports it.

[edhelas]

There's a bounty on BoutySource here https://www.bountysource.com/teams/movim/issues?utm_source=Movim&utm_medium=shield&utm_campaign=bounties_received

Implementing OTR in Movim is really-really tricky because I have to keep the sessions open, even if you reload the pages, something that people do all the time. Other clients don't have this issue because they are running everything in the same "process". So it's definitely not plan yet in Movim. Also OTR has some serious compatibility issues with XMPP (like handling properly the different resources, the history…).

XEP-0027 is Obsolete actually.

[ghostofkendo]

It would be great to have end-to-end encryption in Movim.

Although it's somewhat different from Movim, Salut à Toi has OTR support: http://repos.goffi.org/sat/file/8cc7d83141a4/src/plugins/plugin_sec_otr.py
Maybe you could use SàT's implementation as inspiration for Movim?

Also, regarding the difficulty to correctly implement OTR with XMPP, you could perhaps start with a first minimal version without resources support (e.g. an OTR-encrypted conversation is only valid for the resource used to start it), etc.

[marxistvegan]

edhelas not to belabor the point but there is also this jappix/jappix#305

[edhelas]

Like I said in my previous comment Jappix run in an unique tab so there is no issue to use OTR.js, which is not the case for Movim.

[mulles]

There is a quite new encryption "method" designed for instant messaging, currently implemented in conversations android app:
https://en.m.wikipedia.org/wiki/OMEMO_(encryption)

It's worth a lock.

[dkellner]

+1 for implementing OMEMO instead of OTR.

[heyimgay]

I'd look to cyph for inspiration, specifically their websign solution to guaranteeing trust after the initial visit.

[edhelas]

I'm currently having a look at a possible OMEMO implementation in Movim.

[bb010g]

Any updates on this or areas assistance would be wanted in?