XEP-0384: Introduce ODR, improve specification #460
This new version of the specification introduces the OMEMO Double
This revision also improves the general quality of the specification
This new version of the specification introduces the OMEMO Double Ratchet. We now use our own, new wire format, making the protocol independent from third parties. This revision also improves the general quality of the specification by describing behaviors in more detail and using terminology more consistently.
Why the implementation notes now have a focus towards using Signal implementations?
I see that the current version (v0.2) of this XEP has removed all references to Olm, which were present in the 0.0.2 version
As Olm implements the same Double Ratchet algorithm, albeit with some differences, I think it matches the requirements for the "OMEMO Double Ratchet (ODR)" and can be used instead of Signal. Right?
If someone is looking into integrating XMPP with OMEMO encryption in a closed source app they cannot do so using Signal due to its GPLv3 licensing.
Because Olm is licensed under Apache License 2.0 can be used in applications where releasing their source is not an option.
As a result of the discussion in that thread, I also suggest this PR be moved back to Olm.
This would also solve the underspecification of some parts in this PR that result from defining our own Ratchet (e.g. header serialization format for authentication).
Some of the changes in this PR are still valid, though (e.g. more consistent tag names, the encryption scheme for the payload (which is also consistent with Olm)).
Some things will need to be added, including the authentication of identity through signatures, and at a later point the (optional?) signing of pre-keys.