summaryrefslogtreecommitdiffstats
path: root/wiki/src/blueprint/replace_Pidgin.mdwn
blob: 36faa896d793f22512b2f4a6443f60d96ea5fa78 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
Corresponding ticket: [[!tails_ticket 8573]]

It would be nice to replace Pidgin with another secure IM client. Unfortunately no good alternative seems to exist today. To be able to decide, if another IM client would be a suitable replacement this document should list the requirements a client needs to fulfill to fit the bill.

The document can also list candidate clients together with some indication where they are lacking (and where they shine).

TODO: Would a pair of two separate client (XMPP and IRC) also be okay, or are we only looking for a single client that can do both?

# Requirements
## General requirements

### Documentation

### Internationalization

The client must be internationalized, ideally already translated in many languages - if not, adding new languages should be easy.

### GUI

The client must have a easy to use GUI that makes it hard for users to use the client in an insecure way.

### TLS

The client must support connections using TLS.

TODO: Is STARTTLS needed?

### Support for Tor

The client must support Tor and must not leak any private data (hostname, username, local IP, ...) at the application level.

### Support for OTR

The client must support OTR and should make it easy to enforce usage of OTR for all conversations or only for specific contacts.

Ideally, some usability study for the OTR user interface has been done.

### Other

TODO: Pidgin already has an apparmor profile; should we require that a replacement also comes with an apparmor profile?

The client MUST NOT save logs of conversations.

## XMPP (Jabber)
## IRC
### SASL
The client must support SASL authentication.

# Candidate alternatives 

## Tor Messenger

## xmpp-client