-
r4v3r23
hello
-
r4v3r23
are there any XMPP clients that enforce OMEMO?
-
MSavoritias (fae,ve)
Profanity and conversations and forks have an option to do so
-
r4v3r23
MSavoritias (fae,ve): they block any non-OMEMO messages?
-
MSavoritias (fae,ve)
They will basically make every 1:1 chat and private group chat you are in to be omemo. Which makes everybody forced to use omemo with you. Thats the idea at least. Xmpp being a federated system clients may ignore it
-
jonas’
last time I checked conversations accepted inbound unencrypted messages just fine
-
r4v3r23
jonas’: I think I noticed the same
-
jonas’
(which is good)✎ -
jonas’
(which is good, IMO) ✏
-
r4v3r23
is it possible to create a client that enforces all conversations to use OMEMO over Tor?
-
lovetox
no
-
lovetox
clients can not enforce anything on other clients
-
lovetox
if you want to enforce stuff, you should probably look at server mods
-
r4v3r23
meaning only users of that app will communicate over omemo/tor
-
Link Mauve
r4v3r23, what do you want to happen when I send you a message not using OMEMO?
-
Link Mauve
Do you want to be able to read it to get the chance to tell me to enable OMEMO, or do you want it to plain not be shown to you?
-
r4v3r23
reject it. only allow comms using OMEMO
-
techmetx11
forcing OMEMO when sending your messages is cool, but rejecting all messages that aren't OMEMO-encrypted is stupid
-
r4v3r23
why?
-
r4v3r23
I'm not asking if its stupid. is it possible?
-
MSavoritias (fae,ve)
No because you dont control everybodys clients
-
techmetx11
yes
-
techmetx11
sometimes you have to tell them to enable OMEMO
-
techmetx11
and they'll probably happily do it for you :)
-
lovetox
r4v3r23, it depends what your goal is
-
lovetox
if a user sends you a unencrypted message, and your client simply does not show it to you
-
r4v3r23
my goal is OMEMO to OMEMO chats only
-
lovetox
for outsiders a unencrypted message with a specific content was still sent to your device and was received there
-
r4v3r23
with no option to have it disabled
-
techmetx11
then ask them to enable OMEMO :)
-
lovetox
r4v3r23, of course you can write your own client that does not allow to disable omemo
-
lovetox
still you would need to force people to use it, and you basically cannot find out if they dont
-
techmetx11
yes
-
lovetox
if your goal is, "I want all communication encrypted" you dont need omemo
-
lovetox
simply set up your own server, register an account for all users you want to chat with, and force TLS connections on the server
-
lovetox
then you can be sure all traffic from all accounts to other accounts on the same server is encrypted, and no client has a possibility to circumvent that
-
r4v3r23
and if I wanted to build an app that any one can use?
-
flow
r4v3r23, then you dan do that too, but it will obviously cause problems if you want to federate with other implementations outside of your control
-
r4v3r23
like an XMPP version of signal
-
lovetox
why not use signal?
-
r4v3r23
flow: it wouldn't, it would just be for users of that app
-
lovetox
you want to create a walled garden messenger service
-
lovetox
why not use one of the existing ones?
-
flow
I think there a very valid reasons for not using signal
-
techmetx11
such as, phone number requirement
-
lovetox
there is no need for you to guess what potential reasons could be to not use signal, it was a question to r4v3r23 why he doesnt use it
-
lovetox
seems he needs a app that always is E2E encrypted, does not support unencrypted communication, and all users should use the same app
-
lovetox
until now all boxes are checked for signal :)
-
flow
r4v3r23's questions seemed to be more from a developers perspective than a users one
-
r4v3r23
I don't like signals phone number requirement
-
r4v3r23
and prefer onion to onion addresses
-
techmetx11
i wonder, should there be an XEP for requesting the other party to enable encryption
-
Stefan
:) I have to reject all the time :)
-
techmetx11
:)
-
Stefan
OMEMO is not working for me.
-
techmetx11
omemo just works for me
-
lovetox
r4v3r23, i would start with forking some mobile client like cnversations, add all your requirements, like TOR connection, and always OMEMO
-
r4v3r23
yeah that's what I think I'll do
-
lovetox
then you need to setup servers, and reject all communication that does not come from your app
-
lovetox
and last step you need to convince users to download your app
-
Martin
But then non-e2ee messages still go from normal users client to normal userser server and from normal users server to r4v3r23 server without e2ee and are only dropped at r4v3r23 server.
-
lovetox
> and reject all communication that does not come from your app
-
lovetox
and his app does only register accounts on his server
-
Martin
Still people can write from normal clients using normal servers as long as s2s is not disabled.
-
lovetox
no, because his app does only connect to his server
-
Martin
Building a silo like WhatsApp does you can of course enforce everything.
-
lovetox
and the server accepts only connection from the app
-
lovetox
so there is no s2s
-
Martin
Ah, I only got the c2s limitation and the implied disabling of s2s was not clear to me.
-
Martin
But I really dislike the idea of building silos. Rather tell the people to use omemo when they don't than simply blocking communication.
-
Martin
Wasn't there a terrible server which didn't deliver messages without otr.✎ -
Martin
Wasn't there a terrible server which didn't deliver messages without otr? ✏
-
techmetx11
i think it's better to tell people to use omemo
-
techmetx11
i mean you only do it once per user
-
techmetx11
after that it should stay enabled
-
Martin
https://modules.prosody.im/mod_require_otr.html mod_require_omemo when?
-
r4v3r23
Martin: yeah, I'm basically looking for a way to automate the ignoring of non-OMEMO messages
-
MattJ
I don't understand why you would want to just ignore them
-
MattJ
That will just lead people to think you are ignoring their messages, and you won't even know they tried to contact you
-
lovetox
When i change my nickname in a MUC
-
lovetox
does the MUC Service on sending the new presence for the new nick, include all the presence attributes like show and status?
-
lovetox
or better said, if i include show/status in my nickname change presence, then i can depend on it beeing broadcasted also for the new nickname presence?
-
adx
what's more common in the wild rn: legacy bookmarks or the pep ones?
-
emus
basphemic question, right? 🙂
-
emus
not that I dont like it 🙂