Review by lool0, thanks!
Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
This commit is contained in:
parent
2db452c30f
commit
8d75a9962e
1 changed files with 21 additions and 20 deletions
|
@ -10,9 +10,9 @@ Please give us feedback on the [tracker] or in the [channel]!
|
||||||
|
|
||||||
After [almost a year][opkode-gulash] since I started working on the [OMEMO]
|
After [almost a year][opkode-gulash] since I started working on the [OMEMO]
|
||||||
(end-to-end) encryption mechanism support for [Slixmpp], I am happy to finally
|
(end-to-end) encryption mechanism support for [Slixmpp], I am happy to finally
|
||||||
announce a first release. I would like to get feedback, I am sure there are
|
announce a first release. I would like to get feedback. I am sure there are
|
||||||
still plenty of things to improve, and so I encourage developers to do their
|
still plenty of things to improve, and so I encourage developers to bring out
|
||||||
worst, and report their findings.
|
their inner vandal, break it and report their findings.
|
||||||
|
|
||||||
This library provides an interface to [python-omemo].
|
This library provides an interface to [python-omemo].
|
||||||
|
|
||||||
|
@ -22,7 +22,7 @@ Documentation is available in the [README][slix-omemo-README], and there is
|
||||||
also an [echo bot][slix-omemo-bot], with lots of comments.
|
also an [echo bot][slix-omemo-bot], with lots of comments.
|
||||||
|
|
||||||
Thanks to Syndace and [Daniel] for the help with the OMEMO implementation, and
|
Thanks to Syndace and [Daniel] for the help with the OMEMO implementation, and
|
||||||
[mathieui] and [Link Mauve] for the help on Slixmpp, and moral support.
|
[mathieui] and [Link Mauve] for the help on Slixmpp and moral support.
|
||||||
|
|
||||||
|
|
||||||
[slix-omemo]: https://lab.louiz.org/poezio/slixmpp-omemo
|
[slix-omemo]: https://lab.louiz.org/poezio/slixmpp-omemo
|
||||||
|
@ -41,13 +41,13 @@ Thanks to Syndace and [Daniel] for the help with the OMEMO implementation, and
|
||||||
|
|
||||||
## Separate repository
|
## Separate repository
|
||||||
|
|
||||||
As you may have noticed, this plugin is served via separate repository. This
|
As you may have noticed, this plugin is served via a separate repository. This
|
||||||
is for licensing purposes. As much as I like GPL and copyleft, Slixmpp is
|
is for licensing purposes. As much as I like GPL and copyleft, Slixmpp is
|
||||||
licensed under the MIT license, and this is probably not going to change.
|
licensed under the MIT license, and this is probably not going to change.
|
||||||
Fortunately for Slixmpp, this split should not last forever.
|
Fortunately for Slixmpp this split should not last forever.
|
||||||
|
|
||||||
The [python-omemo] library that is used, developed by Syndace, is a complete
|
The [python-omemo] library that is used -- developed by Syndace -- is a complete
|
||||||
reimplementation of the Signal Protocol, unlike [python-axolotl], which is a
|
reimplementation of the Signal Protocol unlike [python-axolotl], which is a
|
||||||
port of the original library implemented in Signal.
|
port of the original library implemented in Signal.
|
||||||
|
|
||||||
The only bits that prevent him for releasing his library under MIT is the
|
The only bits that prevent him for releasing his library under MIT is the
|
||||||
|
@ -61,24 +61,25 @@ easier said than done.)
|
||||||
|
|
||||||
## Why OMEMO?
|
## Why OMEMO?
|
||||||
|
|
||||||
There is still lots of things to be improved in OMEMO, the specification.
|
There is still lots of things to be improved in the OMEMO specification.
|
||||||
|
|
||||||
I would personally like to see what is usually called _Full Stanza
|
I would personally like to see what is usually called _Full Stanza Encryption_
|
||||||
Encryption_ (it's really only partial). Today, an OMEMO implementation will
|
added to the spec. Today, an OMEMO implementation will only encrypt the
|
||||||
only encrypt the plaintext part of messages you send, and either leak
|
plaintext (`<body/>`) part of messages you send, and either leak everything
|
||||||
everything else (e.g., chatstates, receipts, corrections, xhtml-im), or
|
else (e.g., chatstates, receipts, corrections, xhtml-im), or effectively
|
||||||
effectively disable them, for privacy-conscious implementations.
|
disable them, for privacy-conscious implementations.
|
||||||
|
|
||||||
I would also like to drop _Forward Secrecy_, in the context of Instant
|
I would also like to drop _Forward Secrecy_, in the context of Instant
|
||||||
Messaging. And I would like to have a better way to manage all these device
|
Messaging. And I would like to have a better way to manage all these device
|
||||||
keys, and I know there are people working on this already.
|
keys, and I know there are people working on this already.
|
||||||
|
|
||||||
Not having all these options heavily degrade user experience in my opinion,
|
Not having all these options (or having them, in the case of _Forward
|
||||||
and that is my main concern.
|
Secrecy_) heavily degrades user experience in my opinion, and that is my main
|
||||||
|
concern.
|
||||||
|
|
||||||
Not having OMEMO though, is also not great either for user experience, as many
|
Not having OMEMO though, is also not great either for user experience, many
|
||||||
implementations nowadays provide it, and some even enable it by default,
|
implementations nowadays provide it, and some even enable it by default.
|
||||||
making it impossible for us Slixmpp users to communicate with, without having
|
This makes it impossible for us Slixmpp users to communicate without having
|
||||||
to ask the sender to turn it off first.
|
to ask the sender to turn it off first.
|
||||||
|
|
||||||
While I would prefer to see other alternatives, this library should help with
|
While I would prefer to see other alternatives, this library should help with
|
||||||
|
@ -88,7 +89,7 @@ the current situation, and we can go back to work on fixing the world.
|
||||||
## What's next?
|
## What's next?
|
||||||
|
|
||||||
Apart from the tons of bugs that I'll have to fix in the following days/weeks,
|
Apart from the tons of bugs that I'll have to fix in the following days/weeks,
|
||||||
now that we have the foundations, next step is to implement OMEMO in [Poezio].
|
now that we have the foundations next step is to implement OMEMO in [Poezio].
|
||||||
|
|
||||||
Any help is welcome!
|
Any help is welcome!
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue