Off The Record messaging
Implement off-the-record messaging (https://otr.cypherpunks.ca/)
Ticket for this feature can be followed here: https://mattermost.atlassian.net/browse/MM-669
Working in IT, we need to securely share passwords. We don't want this information stored in clear text on the server. Other clients like Pidgin have had this feature for a long time. As it stands we can't use MM for this purpose.
Kelvin Loke commented
This idea is at the top 2 of all ideas but it's still yet to be started. Would be really nice if work can start on this.
Created in 2015 and still not implemented? This is a feature we require to use MM in our organisation.
Will Payne commented
Very surprised this is such an in-demand feature.
If this feature is added PLEASE PLEASE PLEASE allow it to be turned off. Some of us have to worry about compliance, etc.
OTR is a priority for enterprise users +1
Current blocker of using MM
OTR is really problematic - but omemo could do the trick
Joaquim Homrighausen commented
Storage encryption should really be added at all possible levels in MM
I'm honestly shocked this isn't a feature. Apparently every admin can see all the messages? That's crazy.
Even if mattermost is implemented in companies, and for professional purpose, I am convinced that privacy should be a priority for private message on a chat application. Please add this feature.
This feature would be essential for sensitive messages!
Sean Fulmer commented
How is it that this feature isn't even planned yet? Please consider adding it, sooner rather than later.
is there anything going forward with this request here at the moment? its a thing we came across during our evaluation period and I think its mandatory for production use in any company that cares about privacy...
Miriam Bergmann commented
yes do it :D
Please add a OTR feature to mattermost.
Please add a OTR feature to mattermost !!!
Please add a OTR feature to mattermost. From my point of view, this is a must have feature...especially if you would like to replace an existing jabber service.
This is something we're investigating, and currently blocking us:
Some private chats should by default be OTR so that not even DB admins can read them, for example all chats between specific people.
Having no search available for such private messages is understandable and OK for such private messages.
There is also OMEMO, an extension to XMPP which improves on OTR encryption by allowing group chat encryption and forward secrecy.
Based on the same Axolotl protocol as Signal.