1#Conversations
2Conversations is an open source XMPP (formally known as Jabber) client for Android 4.0+ smart phones.
3
4[Link to Play Store](https://play.google.com/store/apps/details?id=eu.siacs.conversations)
5
6
7
8##Design principles
9* Be as beautiful and easy to use as possible without sacrificing security or
10 privacy
11* Rely on existing, well established protocols
12* Do not require a Google Account or specifically Google Cloud Messaging (GCM)
13* Require as little permissons as possible
14
15##Features
16* End-to-end encryption with either OTR or openPGP
17* Holo UI
18* Multiple Accounts
19* Group Chats
20* Address book integration
21
22###XMPP Features
23Conversations works with every XMPP server out there. However XMPP is an extensible
24protocol. These extensions are standardized as well in so called XEP’s.
25Conversations supports a couple of those to make the overall userexperience better. There is a
26chance that your current XMPP server does not support these extensions.
27Therefore to get the most out of Conversations you should consider either switching to an
28XMPP server that does or - even better - run your own XMPP server for you and
29your friends.
30These XEPs are - as of now:
31* XEP-0198: Stream Management allows XMPP to surive small network outages and changes of the underlying TCP connection.
32* XEP-0280: Message Carbons which automatically syncs the messages you send to
33 your desktop client and thus allows you to switch seamlessly from your mobile
34 client to your desktop client and back within one conversation.
35* XEP-0237: Roster Versioning mainly to save bandwith on poor mobile connections
36
37##FAQ
38###General
39####How do I install Conversations?
40Conversations is entirely open source and licensed under GPLv3. So if you are a
41software developer you can check out the sources from github and use ant to
42build your apk file.
43
44The more convenient way - which not only gives you automatic updates but also
45supports the further development of Conversations - is to buy the App in the Google
46[Play Store](https://play.google.com/store/apps/details?id=eu.siacs.conversations).
47
48
49####How do I create an account?
50XMPP like email for example is a federated protocol which means that there is
51not one company you can create your 'official xmpp account' with but there are
52hundreds or even thousands of provider out there. To find one use a web search
53engine of your choice. Or maybe your univeristy has one. Or you can run your own.
54Or ask a friend to run one. Once you found one you can use Conversations to
55create an account. Just select 'register new account on server' within the
56create account dialog.
57####How does the address book integration work?
58The address bock integration was designed to protect your privacy. Conversations
59neither uploads contacts from your address book to your server nor fills your
60address book with unnecessary contacts from your online roster. If you manually
61add a Jabber ID to your phones address book Conversations will use the name and
62the profile picture of this contact. To make the process of adding Jabber IDs to
63your address book easier you can click on the profile picture in the contact
64detais within Conversations. This will start an add to address book intent with the jabber ID
65as payload. This doesn’t require Conversations to have write permissions on your
66address book but also doesn’t require you to copy past Jabber ID from one app to
67another.
68###Security
69####Why are there to end-to-end encryption methods and which one should I choose?
70In most cases OTR should be the encryption method of choice. It works out of the box with most contacts as long as they are online.
71However PGP can be in some cases (carbonated messages to multiple clients) be
72more flexible.
73####How do I use openPGP
74Before you continue reading you should notice that the openPGP support in
75Conversations is marked as experimental. This is not because it will make the app
76unstable but because the fundamental concepts of PGP aren't ready for a
77widespread use. The way PGP works is that you trust Key IDs instead of XMPP- or email addresses. So in theory your contact list should consist of Public-Key-IDs instead of email addresses. But of course no email or xmpp client out there implements these concepts. Plus PGP in the context of instant messaging has a couple of downsides. It is vulnerable to replay attacs, it is rather verbose, decryping and encrypting takes longer than OTR. It is however asynchronous and works well with carbonated messages.
78
79To use openpgp you have to install the opensource app OpenKeychain (www.openkeychain.org) and then long press on the account in manage accounts and choose renew PGP announcement from the contextual menu.