ChatSecure tries to initiate an OTR session even when an OMEMO session has already been established

[Spydar007]

This is probably going to be a duplicate of something else.

I have had it confirmed from numerous contacts that, when the "Best Available" option is selected, ChatSecure keeps attempting to (so much that it spams the chat) initiate an OTR session even after an OMEMO session has been established.

To stop it, you have to change the Encryption Settings to be "OMEMO" only.

[chrisballinger]

Ah yes, I meant to change this default in v4.1.0 because OTRDATA file transfer is no longer needed now that we have XEP-0363. Thanks for the reminder.

[link2xt]

@chrisballinger XEP-0363 is just uploading files to web server and transferring a link. It is not encrypted. OTRDATA file transfer is end-to-end encrypted.

Before switching to XEP-0363 this problem should be solved, for example by encrypting files and transferring a key in message along with the link.

Edit: I see that #736 has aesgcm:// item, cool.

[afriedmanGlacier]

I pulled a file over from our server that was sent with HTTP Upload using OMEMO and it said "The file ... could not be opened" and "It may be damaged or use a file format that Preview doesn't recognize" so, I'm thinking its encrypted for us though I'm not sure if there is anything else to check

[chrisballinger]

The transfers are encrypted as long as you aren't using "plaintext" mode.

[ronnicek]

Hi,

yep, I see still error like in #611.

OMEMO is on on both clients and other side is getting following from me:

**Unencrypted** ?OTRv23?
<b>myjid@mydomain.tld</b> has requested an <a href="https://otr.cypherpunks.ca/">Off-the-Record private conversation</a>.  However, you do not have a plugin to support that.'

[therob84]

Is dropping OTR support in ChatSecure on the roadmap? I already heard this for Conversations' in some discussions thereover....CS should/could follow in this case to further minimize error causes and confusion about different encryption methods...

[chrisballinger]

Don't know if it will be dropped entirely, but definitely de-emphasized. OTR sucks.

On Wed, Oct 4, 2017 at 1:52 PM, therob84 notifications@github.com wrote:

Is dropping OTR support in ChatSecure on the roadmap? I already heard this for Conversations' in some discussions thereover....CS should/could follow in this case to further minimize error causes and confusion about different encryption methods...

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ChatSecure/ChatSecure-iOS/issues/788#issuecomment-334285689, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfqH3bn7krdvgKriDBvhaWSd1Wf8kfeks5so-_ygaJpZM4N9M1w .

[therob84]

Mayne it is conected to this issue: between a ChatSecure contact and my gajim client (in parallel with an conversations client) frequently I get (error/notification) messages "OTR message which my client does not support" at gajim sent by chatsecure, although there is a working omemo connection... The OTR messages (I can paste the quote tmrw) are sent "in background", means without the contact did sent any payloaded message from CS (thus due to some status/typing/chat markers or anything else going on in session establishing in CS?) . I only get this in gajim, but not in Conversations (both connected to my same account). Quite annoying.

[chrisballinger]

I thought this was fixed already :(

[therob84]

Seems not. :-/ I will paste the complete message and from which CS it is sent.

edit: ?OTRv23? b>XYZ@XYZ.de</b has requested an Off-the-Record private conversation. However, you do not have a plugin to support that. See https://otr.cypherpunks.ca/ for more information.

[chrisballinger]

Have you tried the TestFlight version?

On Fri, Jan 26, 2018 at 12:03 AM, therob84 notifications@github.com wrote:

Seems not. :-/ I will paste the complete message and from which CS it is sent.

Am 26. Januar 2018 01:59:51 MEZ schrieb Chris Ballinger < notifications@github.com>:

I thought this was fixed already :(

-- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/ChatSecure/ChatSecure-iOS/issues/788#issuecomment- 360652237

-- Diese Nachricht wurde von meinem Fairphone mit K-9 Mail gesendet.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ChatSecure/ChatSecure-iOS/issues/788#issuecomment-360710588, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfqH1n1SpL3uWORB2h7RvVCKkvM30J1ks5tOYbggaJpZM4N9M1w .

[therob84]

No. I am not using iOS (only Conversations@Android, Gajim@Windows). I just asked some friends to use CS@iOS and thus are limited in advices to them, just helping with problems and convincing them in continue using XMPP with me :-/

[Echolon]

Hi, yes - I'd like to support the approach at least prevent CS to establish OTR automatically and instead enforce omemo. Furthermore, I experienced that the menu with settings for encryption is kinda hidden and not very easy to handle with all these abilities who encryption should be prioritised (for a normal user).

(The first thing leads in Conversations to the situation that it asks me all the time to verify OTR session...)

Cheers

[therob84]

And onother OTR issue, maybe connected to this one:

My contacts using ChatSecure (4.2.1) occasionally receiving messages like ?OTR Error:null although I definetively did not initiate any OTR sessions in Conversations & Gajim from my side. I never use OTR and the CS contacts complaining regularly about OTR-error-messages. :-/

I do hope for improvements in a coming release (any projected release-date yet, @chrisballinger?).

[jotwewe]

I got the same messages as described in https://github.com/ChatSecure/ChatSecure-iOS/issues/788#issuecomment-360710588 from a client using chatsecure 4.2.1, until he switched from "best available" encryption to "OMEMO only".