Contents x
    Off-the-record (OTR) Messaging User Guide
      • Print
      • Dark
        Light
      • PDF
      Contents

      Off-the-record (OTR) Messaging User Guide

        • Print
        • Dark
          Light
        • PDF
        Article summary

        This feature is currently in beta. Search operations will not find encrypted messages of encrypted rooms. The mobile apps and multi-DMs may not support the encrypted messages (currently under implementation). File Uploads will not be encrypted in this version.

        Off-the-record (OTR) Messaging is a feature that allows users to exchange temporary, encrypted messages directly between each other. This happens by using the local, non-persistent session storage of their browser rather than storing messages on the Rocket.Chat server. After an OTR session ends and the session storage is cleared, the OTR messages are removed and can no longer be restored.

        • OTR messages can help exchange confidential information between users without creating a record of this exchange on the server.

        • In contrast to OTR, end-to-end encrypted messages have a record on the server (in the form of the encrypted message string) and are persistent.

        Prerequisites

        • OTR has been enabled by your workspace administrator (if not, you will not be able to see OTR in the DM context menu).

        • A direct message (DM) room with only one other participant.

        • You and your DM partner have entered their end-to-end encryption key.

        • You and your DM partner are both online.

        Start an OTR conversation

        See the following steps with the sample users A and B.

        User A: Starts the OTR conversation by clicking the DM context menu and selecting OTR. This will open the OTR-sidebar.

        Selecting OTR-Panel

        User A: Start OTR.

        Starting OTR-Chat

        User B: Accepts the OTR invitation.

        Accepting the invitation

        The following messages will be subject to the OTR session and be marked by a key-icon. Unlike end-to-end encryption, this key icon is bold.

        OTR messages visual display

        If User A or B breaks OTR (by clearing their local session storage, e.g., refreshing the web client), one of them needs to re-initiate the OTR session by clicking Refresh Keys.

        Options during OTR conversation

        End an OTR conversation

        In case User A or B wants to end the OTR session, one needs to click End OTR. This ends the OTR session. The following messages will follow the normal configuration of the DM and be recorded on the server again. If the user refreshes their local session storage, all OTR messages disappear.

        Ending OTR conversations

        Was this article helpful?
        What's Next
        Rocket.Chat versions receive support for six months after release. End-of-life for any version is the last day of the month when support ends.
        ESC

        Eddy AI, facilitating knowledge discovery through conversational intelligence