Mercurial > prosody-modules
annotate mod_e2e_policy/README.markdown @ 5549:01a0b67a9afd
mod_http_oauth2: Add TODO about disabling password grant
Per recommendation in draft-ietf-oauth-security-topics-23 it should at
the very least be disabled by default.
However since this is used by the Snikket web portal some care needs to
be taken not to break this, unless it's already broken by other changes
to this module.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 16 Jun 2023 00:06:53 +0200 |
parents | f3485eb9cb8b |
children |
rev | line source |
---|---|
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
1 Introduction |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
2 ============ |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
3 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
4 This module was written to encourage usage of End-to-end encryption for chat and MUC messages. It can be configured to warn the sender after every plaintext/unencrypted message or to block all plaintext/unencrypted messages. It also supports MUC and JID whitelisting, so administrators can for example whitelist public support MUCs ;-) |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
5 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
6 Configuration |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
7 ============= |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
8 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
9 Enable the module as any other: |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
10 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
11 modules_enabled = { |
2863
f3485eb9cb8b
Fix typo in config (thanks, kousu)
Jonas Wielicki <jonas@wielicki.name>
parents:
2213
diff
changeset
|
12 "e2e_policy"; |
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
13 } |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
14 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
15 You can then set some options to configure your desired policy: |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
16 |
2213
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
17 Option Default Description |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
18 ------------------------------------ ------------ ------------------------------------------------------------------------------------------------------------------------------------------------- |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
19 e2e\_policy\_chat `"optional"` Policy for chat messages. Possible values: `"none"`, `"optional"` and `"required"`. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
20 e2e\_policy\_muc `"optional"` Policy for MUC messages. Possible values: `"none"`, `"optional"` and `"required"`. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
21 e2e\_policy\_whitelist `{ }` Make this module ignore messages sent to and from this JIDs or MUCs. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
22 e2e\_policy\_message\_optional\_chat `""` Set a custom warning message for chat messages. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
23 e2e\_policy\_message\_required\_chat `""` Set a custom error message for chat messages. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
24 e2e\_policy\_message\_optional\_muc `""` Set a custom warning message for MUC messages. |
1815bf8b3cf9
mod_e2e_policy: Fix README markdown issue
Michel Le Bihan <michel@lebihan.pl>
parents:
2212
diff
changeset
|
25 e2e\_policy\_message\_required\_muc `""` Set a custom error message for MUC messages. |
2212
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
26 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
27 Some examples: |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
28 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
29 e2e_policy_chat = "optional" |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
30 e2e_policy_muc = "optional" |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
31 e2e_policy_whitelist = { "admin@example.com", "prosody@conference.prosody.im" } |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
32 e2e_policy_message_optional_chat = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for conversations on this server." |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
33 e2e_policy_message_required_chat = "For security reasons, OMEMO, OTR or PGP encryption is required for conversations on this server." |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
34 e2e_policy_message_optional_muc = "For security reasons, OMEMO, OTR or PGP encryption is STRONGLY recommended for MUC on this server." |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
35 e2e_policy_message_required_muc = "For security reasons, OMEMO, OTR or PGP encryption is required for MUC on this server." |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
36 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
37 Compatibility |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
38 ============= |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
39 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
40 ----- ------------- |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
41 trunk Works |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
42 0.10 Should work |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
43 0.9 Should work |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
44 ----- ------------- |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
45 |
57dcad6543c9
mod_e2e_policy: Initial commit
Michel Le Bihan <michel@lebihan.pl>
parents:
diff
changeset
|
46 |