Update OMEMO documentation

This commit is contained in:
JC Brand 2022-04-06 10:07:27 +02:00
parent af342456c5
commit b1a448f1e9
2 changed files with 7 additions and 7 deletions

View File

@ -1718,11 +1718,12 @@ compile time.
This configuration seting allows this value to be set at runtime as well.
.. _persistent-store:
persistent_store
----------------
* Default: ``localStorage``
* Default: ``IndexedDB``
* Valid options: ``localStorage``, ``IndexedDB``, ``sessionStorage``, ``BrowserExtLocal``, ``BrowserExtSync``
Determines which store is used for storing persistent data.

View File

@ -31,7 +31,7 @@ End to end message encryption (`XEP-0384 OMEMO <https://xmpp.org/extensions/xep-
=============================================================================================
.. note::
Converse.js (as of version 4.1.2) does NOT support encryption or decryption
Converse versions older than 8.0.0 do NOT support encryption or decryption
of uploaded files. Files will be uploaded WITHOUT ENCRYPTION, even when
OMEMO is enabled.
@ -44,7 +44,9 @@ ever tear down a session once one has been established.
This means that a session needs to be stored permanently after logging out.
Converse stores this session information in the browser's `localStorage <https://developer.mozilla.org/en-US/docs/Web/API/Storage/LocalStorage>`_.
Converse stores this session information in the browser's `IndexedDB <https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API>`_
or `localStorage <https://developer.mozilla.org/en-US/docs/Web/API/Storage/LocalStorage>`_
database, depending on the value provided to :ref:`persistent-store`.
If you've checked the "This is not a trusted device" checkbox when logging in,
then `sessionStorage <https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage>`_
@ -88,10 +90,7 @@ headers.
Due to these reasons, it's NOT a good idea to use encrypted messaging with a
browser-based solution in life-threatening situations.
Security can be increased by using an installable app (like one based on `Electron <https://electronjs.org/>`_)
with a strict Content Security Policy.
Look out for an Electron based version of Converse coming in the following months.
Security can be increased by using an installable app (like `Converse Desktop <https://github.com/conversejs/converse-desktop>`_).
For further reading on the challenges of web-based crypto, take a look at these
articles: