The desired functionality is that (1) conversations between clients are encrypted via the OTR plugin and (2) encryption never be turned off (3) yet at the same time I’d like the OpenFire Monitoring Service plugin to be capable of storing the chat transcripts in non-encrypted English. I realize this is contrary to the intended purpose of the OTR plugin, but I want the chat encryption for keeping confidential information secure…just not from the IT staff.
I’m trying to figure out the best approach for doing this and I would like some advice. Or maybe even a price quote on doing the work ASAP. As I see it there are several options:
(a) Modify Monitoring Service - All packets are going through the server (correct?) so I “assume” it should be possible to incorporate OTR decryption into the monitoring service plugin?
(b) Private Data Storage - Spark keeps a non-encrypted copy of chat history so it should be possible to save this on the server side via Private Data Storage.
© Static Key - Modify OpenFire to store a modifiable encryption key that the OTR plugin retrieves and that the Monitoring Service uses to decrypt all conversations.
I think option A the best but I’m new to OpenFire/Spark so I thought I’d seek advice. I noticed the Monitoring Service hasn’t been updated since 2009 so I’m guessing there’s no plans to incorporate such a feature already?
EDIT:
As I said I’m new to OpenFire…so I just realized the communications were already encrypted via TLS. So I’m now setting up a 4096-bit RSA cert.