OTR.im Chat

OTR.im offers a free and secure Jabber service that anyone can use by registering an account through your favorite chat client.

➛ jabber.otr.im

It is now only possible to connect through our Tor hidden service:

➛v2: 5rgdtlawqkcplz75.onion (will be deprecated soon)

➛v3: ynnuxkbbiy5gicdydekpihmpbqd4frruax2mqhpc35xqjxp5ayvrjuqd.onion

In order to configure a Jabber client, you need this information:

Protocol: jabber or xmpp

Account: username@jabber.otr.im

Our Jabber server requires a secure SSL/TLS connection. We use Let's Encrypt since March 22nd, 2016 thus you should expect a valid signed certificate for jabber.otr.im.

Finally, this server has a special quirk. It forces communication to be OTR encrypted, thus cleartext messages between clients is impossible. With the help of Riseup, we have developed a prosody plugin to achieve mandatory OTR communication.

Data Retention

This section details what data OTR.im can see and can not see on this Jabber server.

First of all, this server logging is completely disabled on the Jabber server, even error logs.

What we can see? section below.

What we CAN see?

  • Your username and SHA1 hash of the password are stored on the server.
  • vCard if you supply one.
  • Your IP address. To avoid this, use our Tor hidden service.
  • Last seen, UNIX timestamp of when you were last seen.
  • Offline messages. Any messages you send to an offline contact will be stored encrypted on the server until the contact shows up.
    • Encrypted content (OTR).
    • Destination contact address.
    • Timestamp of the message.
  • Your roster. For each contact:
    • Jabber address (ex: keith@jabber.boozallen.com)
    • Name of the contact (if set)
    • Group (if any)

What we DO NOT see?

  • Message content. Mandatory OTR makes it that we can't read content.
  • No logs thus nothing our prosody server could usually tell us.