aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Gultsch <daniel.gultsch@rwth-aachen.de>2014-03-24 12:41:12 +0100
committerDaniel Gultsch <daniel.gultsch@rwth-aachen.de>2014-03-24 12:41:12 +0100
commit06a75d134422080269953e9a31f5656b083e9d21 (patch)
tree4549d87da5196a85cd5b19d621f6883535f98c46
parent7d505856a0009464eb9e2523743c1bba6241a217 (diff)
added faq
-rw-r--r--README.md7
1 files changed, 7 insertions, 0 deletions
diff --git a/README.md b/README.md
index 97d85dbe5..c56bc437d 100644
--- a/README.md
+++ b/README.md
@@ -38,3 +38,10 @@ These XEPs are - as of now:
In most cases OTR should be the encryption method of choice. It works out of the box with most contacts as long as they are online.
However PGP can be in some cases (carbonated messages to multiple clients) be
more flexible.
+####How do I use openPGP
+Before you continue reading you should notice that the openPGP support in
+Conversations is marked as experimental. This is not because it will make the app
+unstable but because the fundamental concepts of PGP aren't ready for a
+widespread use. The way PGP works is that you trust Key IDs instead of XMPP- or email addresses. So in theory your contact list should consist of Public-Key-IDs instead of email addresses. But of course no email or xmpp client out there implements these concepts. Plus openPGG in the context of instant messaging has a couple of downsides. It is vulnerable for replay attacs, it is rather verbose, decryping and encrypting takes longer than OTR. It is however asynchronous and works well with carbonated messages.
+
+To use openpgp you have to install the opensource app OpenKeychain (www.openkeychain.org) and then long press on the account in manage accounts and choose renew PGP announcement from the contextual menu.