annotate mod_e2e_policy/README.markdown @ 5549:01a0b67a9afd

mod_http_oauth2: Add TODO about disabling password grant Per recommendation in draft-ietf-oauth-security-topics-23 it should at the very least be disabled by default. However since this is used by the Snikket web portal some care needs to be taken not to break this, unless it's already broken by other changes to this module.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:06:53 +0200
parents f3485eb9cb8b
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2212
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
1 Introduction
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
2 ============
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
3
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
4 This module was written to encourage usage of End-to-end encryption for chat and MUC messages. It can be configured to warn the sender after every plaintext/unencrypted message or to block all plaintext/unencrypted messages. It also supports MUC and JID whitelisting, so administrators can for example whitelist public support MUCs ;-)
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
5
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
6 Configuration
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
7 =============
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
8
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
9 Enable the module as any other:
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
10
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
11 modules_enabled = {
2863
f3485eb9cb8b Fix typo in config (thanks, kousu)
Jonas Wielicki <jonas@wielicki.name>
parents: 2213
diff changeset
12 "e2e_policy";
2212
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
13 }
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
14
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
15 You can then set some options to configure your desired policy:
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
16
2213
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
17 Option Default Description
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
18 ------------------------------------ ------------ -------------------------------------------------------------------------------------------------------------------------------------------------
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
19 e2e\_policy\_chat `"optional"` Policy for chat messages. Possible values: `"none"`, `"optional"` and `"required"`.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
20 e2e\_policy\_muc `"optional"` Policy for MUC messages. Possible values: `"none"`, `"optional"` and `"required"`.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
21 e2e\_policy\_whitelist `{ }` Make this module ignore messages sent to and from this JIDs or MUCs.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
22 e2e\_policy\_message\_optional\_chat `""` Set a custom warning message for chat messages.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
23 e2e\_policy\_message\_required\_chat `""` Set a custom error message for chat messages.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
24 e2e\_policy\_message\_optional\_muc `""` Set a custom warning message for MUC messages.
1815bf8b3cf9 mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents: 2212
diff changeset
25 e2e\_policy\_message\_required\_muc `""` Set a custom error message for MUC messages.
2212
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
26
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
27 Some examples:
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
28
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
29 e2e_policy_chat = "optional"
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
30 e2e_policy_muc = "optional"
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
31 e2e_policy_whitelist = { "admin@example.com", "prosody@conference.prosody.im" }
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
32 e2e_policy_message_optional_chat = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server."
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
33 e2e_policy_message_required_chat = "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server."
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
34 e2e_policy_message_optional_muc = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server."
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
35 e2e_policy_message_required_muc = "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server."
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
36
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
37 Compatibility
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
38 =============
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
39
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
40 ----- -------------
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
41 trunk Works
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
42 0.10 Should work
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
43 0.9 Should work
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
44 ----- -------------
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
45
57dcad6543c9 mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff changeset
46