Authors: Ben K. <benk@tilde.team>
Date: 2021-05-06
Today I re-embarked on the adventure of using PGP, particularly for XMPP. Most of the major XMPP clients support both OMEMO and PGP. OMEMO is thought to be more secure, and it is pretty much automatic, so everyone just uses that, but then when you want to verify your contact's OMEMO fingerprints (or your own), it ends up being slightly less complicated than PGP. (Sometimes it's more complicated, especially when your contact has a billion fingerprints.)
I went ahead and published my public key on my Gemini capsule at:
gemini://kwiecien.us/pubkey.asc
If you're using Diohsc, the fastest way to import it is by doing:
> gemini://kwiecien.us/pubkey.asc | gpg --import
Getting PGP to work on XMPP clients is easy or hard depending on the client. I found that Dino actually makes it easier than all the others. profanity is reasonable if you know what all commands to type, which ends up being something like:
/pgp keys
/account set [account name] pgpkeyid [your key id]
/pgp setkey [contact jid] [their key id]
/pgp start
The start command has to be done while in that contact's conversation window, and it won't turn on if OMEMO hasn't been ended first. It also won't turn on if either you or the contact don't have keys set, so if it won't turn on then something went wrong there.
Conversations is even more fun, because you need to install the OpenKeychain app on Android first, import your own key, and restart Conversations. Conversations was nice enough to offer to restart itself when I tried to enable OpenPGP in a conversation, but it failed to do so. Rebooting my phone did the trick. Then you have to try to enable it, select your key, and hope Conversations finds your contact's key somehow. I don't know how it does it, but I guess XMPP clients publish their PGP keys in some way. Dino found my contact's key automatically, but Conversations was kind of clueless about this. To be fair, they didn't seem to have successfully set it up on their end.
So, if you would like to switch to PGP, I am ready for that. I have it set up in my e-mail client now too, so I guess that covers all the bases.