Off-the-record (OTR) Messaging User Guide
Off-the-record (OTR) Messaging is a feature that allows users to exchange temporary, encrypted messages directly between each other. This happens by using the local, non-persistent session storage of their browser rather than storing messages on the Rocket.Chat server. After an OTR session ends and the session storage is cleared, the OTR messages are removed and can no longer be restored.
Prerequisites for using OTR are:
- OTR has been enabled by your server administrator (if not, you will not be able to see OTR in the DM context menu)
- a direct message (DM) room with only one other participant
- you and your DM-partner are both online
See the following steps with the sample users A and B.
User A: Start the OTR conversation by clicking the DM context menu and selecting OTR. This will open the OTR-sidebar.
User A: Start OTR.
User B: Accept the OTR invitation.
Accepting the invitation
The following messages will be subject to the OTR session and be marked by a key-icon. Unlike end-to-end encryption, this key icon is bold.
OTR messages visual display
If User A or B breaks OTR (by clearing their local session storage, e.g., refreshing the web client), one of them needs to re-initiate the OTR session by clicking Refresh Keys.
Options during OTR conversation
In case User A or B wants to end the OTR session, one needs to click "End OTR". This ends the OTR session. The following messages will follow the normal configuration of the DM and be recorded on the server again. Refreshing his local session storage will make all OTR messages disappear for the user.
Ending OTR conversations