From 06a75d134422080269953e9a31f5656b083e9d21 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Mon, 24 Mar 2014 12:41:12 +0100 Subject: [PATCH] added faq --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 97d85dbe..c56bc437 100644 --- a/README.md +++ b/README.md @@ -38,3 +38,10 @@ These XEPs are - as of now: In most cases OTR should be the encryption method of choice. It works out of the box with most contacts as long as they are online. However PGP can be in some cases (carbonated messages to multiple clients) be more flexible. +####How do I use openPGP +Before you continue reading you should notice that the openPGP support in +Conversations is marked as experimental. This is not because it will make the app +unstable but because the fundamental concepts of PGP aren't ready for a +widespread use. The way PGP works is that you trust Key IDs instead of XMPP- or email addresses. So in theory your contact list should consist of Public-Key-IDs instead of email addresses. But of course no email or xmpp client out there implements these concepts. Plus openPGG in the context of instant messaging has a couple of downsides. It is vulnerable for replay attacs, it is rather verbose, decryping and encrypting takes longer than OTR. It is however asynchronous and works well with carbonated messages. + +To use openpgp you have to install the opensource app OpenKeychain (www.openkeychain.org) and then long press on the account in manage accounts and choose renew PGP announcement from the contextual menu.