Difference between revisions of "XMPP E2E Security"

Jump to navigation Jump to search
733 bytes added ,  08:03, 17 October 2018
(Clarify groupchat restrictions on OMEMO)
Line 8: Line 8:


OMEMO is based on the Signal double ratchet and provides forward secrecy, compatibility with history retrieval for devices that are already part of the ratchet, and a number of other benefits over legacy encryption mechanisms. It has had an independent third party audit (see related links at bottom).
OMEMO is based on the Signal double ratchet and provides forward secrecy, compatibility with history retrieval for devices that are already part of the ratchet, and a number of other benefits over legacy encryption mechanisms. It has had an independent third party audit (see related links at bottom).
== XEP-0373: OpenPGP for XMPP / XEP-0374: OpenPGP for XMPP Instant Messaging ==
'''Recommendation:''' Exploratory implementations are encouraged.
The OpenPGP for XMPP (OX) specification currently consists of a baseline specification: [https://xmpp.org/extensions/xep-0373.html XEP-0373] and a profile for Instant Messaging specification [https://xmpp.org/extensions/xep-0374.html XEP-0374]. It is under active development and thus subject to change although can be considered pretty stable for the major parts.
OX attempts to fix the various security design flaws of XEP-0027, and additionally specifies features like "arbitrary extension element" verification and protection.
Implementations are available for Gajim and Smack.


== XEP-0027 (legacy PGP) ==
== XEP-0027 (legacy PGP) ==
165

edits

Navigation menu