logo

blog

My little blog can’t be this cute! git clone https://hacktivis.me/git/blog.git
commit: 8f0826b13da015a3c1aae4bed4b9507eb0882e9d
parent 468fbe129997b36f0563afd907dc2bf360e90c92
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Wed,  9 Jan 2019 05:01:58 +0100

articles/I’m removing defaults to eternal cryptographic signatures.xhtml: update XMPP notice


Diffstat:


Marticles/I’m removing defaults to eternal cryptographic signatures.xhtml2+-


Mfeed.atom2+-


2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/articles/I’m removing defaults to eternal cryptographic signatures.xhtml b/articles/I’m removing defaults to eternal cryptographic signatures.xhtml
@@ -5,7 +5,7 @@
 	<li>git: Make sure <code>commit.gpgSign</code> isn’t set. (system-wide: <code>git config --system --get commit.gpgSign</code>, user-wide: <code>git config --global --get commit.gpgSign</code>, repo-wide: <code>git config --local --get commit.gpgSign</code>). To strip existing commits run <code>git filter-branch</code> on the repositories.</li>
 	<li>Email: Disable OpenPGP Signatures in your client if you did (also avoid Protonmail), make sure DKIM is non-existent, you may have to self-host your email</li>
 	<li>Fediverse: With Mastodon 2.7.0 (upcoming release as of 2019-01-09) you should use non-public statuses by default (See <a href="https://github.com/tootsuite/mastodon/pull/9659">Pull Request #9659</a>). Otherwise you can use Pleroma which doesn’t have JSON-LD Signatures.</li>
-	<li>XMPP: Not sure, I’ll check later on how OTRv3/v4 and OMEMO works</li>
+	<li>XMPP: Do not use OpenPGP or OX, OMEMO seems to have good deniability. I’m not very sure about OTRv3 as <a href="https://whispersystems.org/blog/simplifying-otr-deniability/">Simplifying OTR Deniability</a> (referenced on <a href="https://conversations.im/omemo/">OMEMO’s page</a>) doesn’t mention the version.</li>
 </ul>
 <h2>Why?</h2>
 <p>It’s something that weirdly doesn’t seems very popular in cryptonerds circles. Long-term signatures in a computer world basically is that everything that you send can and will be used against you and people you interacted with or wrote about and there is absolutely no deniability about it.</p>
diff --git a/feed.atom b/feed.atom
@@ -14,7 +14,7 @@
 		<link rel="alternate" type="text/html" href="/articles/I%E2%80%99m%20removing%20defaults%20to%20eternal%20cryptographic%20signatures"/>
 		<id>https://hacktivis.me/articles/I%E2%80%99m%20removing%20defaults%20to%20eternal%20cryptographic%20signatures</id>
 		<published>2019-01-09T03:05:54Z</published>
-		<updated>2019-01-09T03:34:49Z</updated>
+		<updated>2019-01-09T04:02:05Z</updated>
 		<content type="xhtml"><div>
 <!--#include file="/articles/I’m removing defaults to eternal cryptographic signatures.xhtml"-->
 		</div></content>