E2E in chat (was: Re: S/Mime usage)

Wiktor Kwapisiewicz wiktor at metacode.biz
Fri Oct 11 11:23:08 UTC 2019


Hi Patrick,

On 09.10.2019 21:58, Patrick Cloke wrote:
> It is unfortunately hard to get a clear picture of what is worth
> implementing for XMPP

XSF publishes Compliance Suites every year that group features that they 
consider "worth implementing". See for example:
https://xmpp.org/extensions/xep-0412.html

There are also tests run by companies that invest in XMPP heavily:
https://compliance.conversations.im/tests/

> (i.e. how many users exist that support different
> end-to-end encryption technologies).

That's not the impression I got from XSF mailing lists. There are three 
groups of E2E technologies within XMPP: legacy (OTR and old OpenPGP), 
recommended (OMEMO and new OMEMO) and there is also MLS that some XSF 
council members believe will replace OMEMO long-term but the spec is not 
ready.

Currently OMEMO is widely implemented, see: https://omemo.top/

OTR, as the wiki page indicates, is used in either legacy clients where 
multiprotocol support is necessary. (There is also OTRv4 in development 
supported by one client that showcases it: https://coy.im ).

> The major downside, in my
> understanding, is that OTR does not support multi-user chats. I'm sure
> there are some others, but OTR seemed like a good place to start.
> 
> There's a bug [1] about implementing OMEMO for anyone who is interested!

Thanks for the reference!

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor


More information about the tb-planning mailing list