@tuxflo @kde the UI already looks pretty similar between them, at least for the mobile portion. Merging them does not sound like a good idea. I'd rather have each app tailored to the specific protocol.

@brad @tuxflo There were some plans in making shared chat components so that it is easier to develop a kirigami chat application but abstracting the backends is too complicated and we would need to make some compromises. Better is to have 2 good applications, each for one protocol than one big application that doesn't work correctly.

@carl @brad OK then I hope that both applications will be great and the that there is enough (wo)manpower to keep the great development speed of the KDE projects.

@0 @kde seems like it is... what else Should it be?

@jr

Anything that doesn't blow the availability #security property out of the water, such as #OpenPGP.

@kde

@0 PGP is not suitable for most users of instant messaging.... the want it to just work and not want to setup many things.... and as far as I understand kaidan aims to be a client for those people

@jr

There's an #XEP draft out there to make what's essentially an #XMPP analogous to #AutoCrypt. There's nothing intrinsically wrong with #OpenPGP that would stop it being used in trust on first contact mode. And you still have the option of trust + verify (i.e., have / have not checked fingerprints) and trust + verify + sign.

@jr

Besides, the point is not the suitability of #OpenPGP but the patent unsuitability of #OMEMO as a serious solution.

@0 with the current it does not have patent problems anymore AFAIR

@jr
Patent as in obvious.

Just out of curiosity do you use OpenPGP with XMPP personally? I know just one person that does it consciously, everyone else can hardly configure clients to do it so I’m asking for a data point in case :)

@wiktor

No. I use #OpenPGP in a business context as part of certain processes but in general #email, #XMPP and #telephone conversations happen in the clear, both business-related (unless initiated #encrypted by the other party, which does happen occasionally) and personal.

Sensitive stuff is only discussed face to face and always stays out of *any* computer system.

@wiktor
I could of course configure it if I wanted to (edit, in fact, it already is, thanks to #OpenKeyChain + #Conversations / #BlabberIM 🙂, literally two clicks), but I consciously decide not to, as it offers more false #security than real protection.

Given your tags (aviation) and the TLD (fr) I think I can already guess the business name :)

Thanks for your reply! I'd gladly inquire more but don’t want to enter the business sensitive territory.

See you later! 👋

@0 @jr Any from the https://xmpp.org/extensions/inbox/? (indeed, if someone doesn't need PFS then PGP-based solution could be better/easier)

@jr @0
With TOFO trust model it should be easy to use openpgp. One problem may to share the private key. But lot of users just use the mobile device, I guess.

@stefan

Installing one's private key across devices remains an issue regardless, whenever there's a private key in the first place.

#OMEMO pretends to get around this by authenticating devices not users.

@jr