Can anyone tell me how I'm "supposed" to use end-to-end encryption with XMPP?
As far as I can tell there are three totally different ways to do E2EE:
a) OTR: "[Not intended to be a current standard](https://xmpp.org/extensions/xep-0364.html), or technical specification, as better (albeit, newer and less well tested) methods of end-to-end encryption exist for XMPP."
b) OpenPGP: There are at least two different XEPs about it. XEP-0027 is obsolete, while XEP-0373 is "experimental" but hasn't been updated in almost three years.
c) OMEMO: "Experimental" and hasn't been updated in over two years.
Is there a way to do E2EE in XMPP which is neither deprecated nor experimental? What's the "Current stable" way to do it?
Just made commits after a long gap to #Convo, my #XMPP app for #KaiOS. Still many basics to be worked out like rendering chats properly and allowing users to start a new conversation, but at least it's hackily usable :xmpp:
PS: if anyone familiar with #ConverseJS can help with making a headless version of the #OMEMO plugin that would be much appreciated! Please boost if you know anyone who can help there 🔒
@x I haven't used Pidgin, but the XMPP support is said to be very outdated. @grimmy is working on modern XMPP support, but until then Gajim is probably the best choice.
#XMPP is really cool - would love to replace other messengers with that. But sometimes #OMEMO is a bitch. If you chat with people changing their clients or using multiple ones the messages sometimes get encrypted for the wrong client. OMEMO in MUCs can also be a hassle.
@jabberati @Billie there is currently an ejabberd bug that prevents s2s connections for some time after one of the servers restarted.
I don't know if you are running ejabberd, but at least our pushservers are running ejabberd so that could be the reason for the intermediate push outage you experienced.
I miss the days of having multi-service messaging clients like Trillian that would connect to your AIM, MSN Messenger, etc. and have all your contacts from all those networks in one place. #Pidgin is still a thing, but it doesn't, as far as I can tell, support #OMEMO or #OpenPGP for their #XMPP implementation. I'd love to see something like Pidgin supporting Signal, add OMEMO/OpenPGP to their XMPP support, maybe support connecting to Facebook Messenger, etc. all in one application.
@gerowen you can use gateways for that, notably #Slidge from @nicoco which is working on tight integration with features such as reactions, retraction, etc. You can then choose any #XMPP client that suits you, including #OMEMO when needed (won't work with gateway though).
@dekkzz76 I like Gajim. That's what I used to use before I started using Profanity, which saves me a couple MBs (at the cost of a much worse UI lol). OMEMO in Emacs is just an intersection of two things I find really interesting.
@blake For the record, I'm stabilizing the bridge API in #Libervia for the coming release. In other terms, it will be easier for third parties to make a frontend, and that could be done for #Emacs if anybody is motivated. Libervia supports state-of-the-art e2ee with OMEMO, OMEMO:2, OX (OpenPGP), Pubsub encryption and signature, blogging, and many other features, including ActivityPub gateway.
Weird #question time: what is a webchat (either #IRC or #XMPP) client that works with #OTR or #OMEMO encryption?
I'm looking for something that I can access from my work computer (where pretty much all I use is the browser), and ideally would have a way to use my own key for the encryption (instead of autogenerating one every time I log in).
@kzimmermann Typically #xmpp web-clients store the keys in the browser. I am not aware of one that allows you to easily supply an externally stored key, but you can of course manually add it via the browser developer tools. #movim https://movim.eu is probably the easiest to use web-client that also supports #omemo
IIRC, it generates OMEMO keys and stores them in the local storage of the browser. I.e. it does not generate new keys on subsequent logins. You might need to allow local storage in your browser, though.