~nicoco/public-inbox

This thread contains a patchset. You're looking at the original emails, but you may wish to use the patch review UI. Review patch
1

[PATCH] Add a few mentions on communication and encryption

Details
Message ID
<20221110222403.1402980-1-hugo@whynothugo.nl>
DKIM signature
missing
Download raw message
Patch: +7 -2
---

 README.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index bd8af3c..c46f2a1 100644
--- a/README.md
+++ b/README.md
@@ -115,13 +115,18 @@ About privacy

Slidge (and most if not all XMPP gateway that I know of) will break
end-to-end encryption, or more precisely one of the 'ends' become the
gateway itself. If privacy is a major concern for you, my advice would
be to:
gateway itself. Communication between Slidge and the client will not use OMEMO,
so messages are also exposed to the XMPP server. If privacy is a major concern
for you, my advice would be to:

-   use XMPP + OMEMO
-   self-host your gateways
-   have your gateways hosted by someone you know AFK and trust

Additionally, note that communication between the XMPP server and the component
are not encrypted; they are expected to run on the same host or in a secured
network.

Related projects
----------------

-- 
2.38.1
Details
Message ID
<2e222c36-8250-faad-b905-22e1f1e47f66@nicoco.fr>
In-Reply-To
<20221110222403.1402980-1-hugo@whynothugo.nl> (view parent)
DKIM signature
missing
Download raw message
Thanks Hugo!

I am all for disclosing how slidge work and not providing a fake
feeling of privacy. However, I don't want to scare potential adopters
by making it sound like it's worse than it actually is,
especially in the README. I think it is already clear that slidge is
a convenient way to route all your comms
to XMPP and not a "privacy solution" or anything like it.

>Communication between Slidge and the client will not use OMEMO,
>so messages are also exposed to the XMPP server.  For slidge to work, the XMPP server needs special configuration, so 
basically you are expected to be the XMPP server admin. I know that you 
plan to run slidge on a rpi and prosody on a VPS you don't trust, but 
this is an unusual setup. Maybe this OMEMO part should be in the user 
docs. >Additionally, note that communication between the XMPP server and 
the component
>are not encrypted; they are expected to run on the same host or in a secured
>network.

OK for this part, but I think it would fit the admin docs better than the
README. At least it should mention that this is not an implementation choice by
slidge, but rather just the spec, cf https://xmpp.org/extensions/xep-0114.html

That said, I agree that the README part about privacy is meh, and I
should rephrase it a bit, I'll work on that. I should probably write a FAQ
instead... maybe?

To not provide this false feeling of privacy, I chose not to mention
that by using slidge instead of $LEGACY_NETWORK_OFFICIAL_APP,
at least you avoid leaking all sort of data like your address book,
location, or anything that the data collection in your pocket provides.

Additional note: to have CI jobs run on you rpatches (if it's repaired...),
the subject should be [PATCH slidge]. Not a problem at all for a README/doc
patch, but in case you put in some work about that slixmpp-omemo integration,
it's good to know ;)

-- nicoco
Reply to thread Export thread (mbox)