OMEMO: Encrypted message notification #1901

Closed
blacoste opened this Issue Jun 8, 2016 · 9 comments

blacoste commented Jun 8, 2016

Issue:
When a message is OMEMO encrypted but is not addressed to an XMPP listening resource with a Conversations client, the user is not notified that an encrypted message was exchanged.

This situation happens when a new device is added to a set of devices and has not yet accomplished the key info exchanges, or on a MUC.

This is bad because if this situation happens the user is not notified that OMEMO is failing.

For instance, I wasted a lot of time believing that Carbon copy was not working when instead it was an OMEMO issue. Sending a clear message would solve the issue and we would suddenly understand that the XMPP layer was OK.

OMEMO or Axolotl (can't remember) asks to silently drop this kind of message but this is a protocol requirement, not a GUI one.

Short:
Add a red text "OMEMO enciphered message" in the message conversation instead of nothing.

lovetox commented Jun 8, 2016

maybe i understand this wrong

but either your device id is in the message, that means the message got encrypted for that device, so the key exchange happened

or you receive a message without your device id. this can have multiple reasons. for example someone doesn't trust that device
you want to get informed about every message that doesn't have your device id in it?

blacoste commented Jun 8, 2016

Yes, I think it could add better clarity.

It is not a frequent situation to receive encrypted messages and not be able to decipher them. Correct me if I am wrong but in all cases it should be a temporary situation caused by misconfiguration or pending questions (of trust for instance).

If one of my devices was not trusted by a peer, I would be glad to know it instead of having a part of the conversation. Then we could fix the issue together.

FriendFX commented Jul 14, 2017

Just came across another use case for such notifications:

A friend of mine (generally tech-savvy but unaware of OMEMO's internal operation) and other friends usually communicate through a few MUCs. Because my friend's phone broke, he sent it in for repair and is now using a replacement mobile. He re-used his account details on the replacement, but of course, his original mobile's OMEMO keys aren't on it, so this replacement mobile now (silently) drops all encrypted messages me and my friends are sending to him in the MUCs and 1:1 chats as well. It took a while for me to figure out what was going on.

I think a clear notification (maybe one per chat room) that he got an encrypted message which couldn't be decrypted because no key was on the mobile for any of the message's device keys would've been very helpful in learning about the problem.

In any case more helpful than us all frantically trying to get him to respond to our - encrypted - messages he didn't even see.

Contributor

licaon-kter commented Jul 14, 2017

@FriendFX Did you get his messages when he notified you about the "device change"... you know the usual "Hey, I got another phone blahblah" ?

FriendFX commented Jul 17, 2017

@licaon-kter Yes, these first messages from his new phone were unencrypted... and I got them. Unfortunately he didn't get mine, I guess because mine were still using his old phone's public keys.

The issue is that I, as an end user, have to know (because he told me that he has a new phone now) that I need to switch to un-encrypted to tell him to activate OMEMO again. And other parties unaware of the phone change (why would he tell everyone about it? He still uses his same old JID) are probably wondering why he doesn't respond to any of their encrypted messages. And he just sits there wondering why he doesn't get any messages from them.

I am sure somewhere there is a smart manual on how to switch phones with Conversations in order to move the existing OMEMO keys safely from an old to a new mobile, but in real life only a tiny fraction of users will be in a position to actually do it correctly when the need arises... unless it's done by the service personnel that issues the "replacement phone".

Contributor

philipflohr commented Aug 22, 2017

This problem is quite frequent if users reset their phones or use custom roms. In my opinion Conversations should at least display a warning that a message was received but cannot be shown.

jotwewe commented Mar 31, 2018

I'd like to support the request stated above: Conversations should display that it wasn't able to decrypt a message sent by user XY.
Related are the facts that ChatSecure revokes trust in a key in certain cases (ChatSecure/ChatSecure-iOS#814) and that Prosody starts with an empty list of keys (ChatSecure/ChatSecure-iOS#814 (comment)).

JuniorJPDJ commented Apr 6, 2018

I also support the request.
It must be clarified.

Member

iNPUTmice commented Dec 6, 2018

Conversations now displays messages when an OMEMO message cannot be decrypted (needs mam:2 support on the server) and when an OMEMO message wasn’t encrypted for this device.

@iNPUTmice iNPUTmice closed this Dec 6, 2018
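
An added example, not part of the original thread and not Conversations' own code: a sketch of the receive-side decision discussed above, which checks whether an incoming OMEMO element carries a key for the local device id and produces a visible notice instead of dropping the message. The notice wording, the `has_session` callback, the device ids and the sample stanza are assumptions constructed for illustration; the element layout is the legacy `eu.siacs.conversations.axolotl` OMEMO format.

```python
import xml.etree.ElementTree as ET

NS = "{eu.siacs.conversations.axolotl}"  # legacy OMEMO namespace

# Constructed notice wording (assumption, not the app's actual strings).
NOTICES = {
    "not_for_this_device": "OMEMO message from device {sid} was not encrypted for this device.",
    "decryption_failed": "OMEMO message from device {sid} could not be decrypted.",
}

def classify(stanza_xml, own_device_id, has_session=lambda sid: True):
    """Return (status, sender_device_id) for one incoming <message/> stanza.

    has_session is a hypothetical callback standing in for the real
    session lookup and decryption step, which is out of scope here.
    """
    enc = ET.fromstring(stanza_xml).find(NS + "encrypted")
    if enc is None:
        return ("plaintext", None)
    header = enc.find(NS + "header")
    if header is None or not header.get("sid", "").isdigit():
        return ("malformed", None)
    sid = int(header.get("sid"))
    recipients = {key.get("rid") for key in header.findall(NS + "key")}
    if str(own_device_id) not in recipients:
        return ("not_for_this_device", sid)  # the case the issue asks to surface
    if enc.find(NS + "payload") is None:
        return ("key_transport", sid)  # key material only, nothing to display
    if not has_session(sid):
        return ("decryption_failed", sid)
    return ("decryptable", sid)

def notice_for(status, sid):
    """Text to show in the conversation instead of dropping silently, or None."""
    template = NOTICES.get(status)
    return template.format(sid=sid) if template else None

# Constructed sample: sender device 27183 encrypted only for device 31415.
SAMPLE = """<message xmlns='jabber:client' from='friend@example.org/phone' type='chat'>
  <encrypted xmlns='eu.siacs.conversations.axolotl'>
    <header sid='27183'><key rid='31415'>AAAA</key><iv>AAAA</iv></header>
    <payload>AAAA</payload>
  </encrypted>
</message>"""

if __name__ == "__main__":
    for device in (31415, 99999):  # old phone vs. replacement phone
        status, sid = classify(SAMPLE, device)
        print(device, status, notice_for(status, sid))
```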
