Skip to content
Snippets Groups Projects
Commit 7a5c9692 authored by ovari's avatar ovari Committed by Adrien Béraud
Browse files

user/faq.md: cleanup 

Follow up to patch: https://review.jami.net/c/jami-docs/+/30030

Change-Id: I7c8b7ed4a337682de8ba51b4267345572eadecbc
parent 15684e1c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 50 additions and 90 deletions
user/faq.md
+ 50
90
View file @ 7a5c9692
......@@ -6,15 +6,12 @@ Questions from the [Forum](https://forum.jami.net/) are also added here.
<!-- TODO: Add a table of contents -->
## Basics
### What is Jami?
See the [Introduction](introduction.md).
### What does Jami mean?
The choice of the name Jami was inspired by the Swahili word [jamii](https://en.wiktionary.org/wiki/jamii) which means `community` as a noun and `together` as an adverb.
......@@ -23,12 +20,10 @@ It was chosen as it reflects the vision for the project:
* is community supported, and
* respects the freedom and privacy of the users.
### How can I make a bug report?
Please see the [Bug report guide](bug-report-guide.md).
### What makes Jami different from other communication platforms?
Jami does not work like most communication platforms because it is *distributed*:
......@@ -41,7 +36,6 @@ However, the most significant practical differences are that the user havs more
<!-- TODO: Expand this -->
### What do the green/orange/red status circles next to profile pictures mean?
On a user's account, 🔴 (a red circle) displayed means that the device is not connected to the DHT or is offline.
......@@ -60,44 +54,37 @@ For contacts:
* several hours if [push notifications](https://en.wikipedia.org/wiki/Push_technology#Push_notification) are enabled.
* 🟢 (a green circle) displayed means that the device is connected to a device of this peer.
### Why is a feature missing on my client?
Not every client implements all features.
Check the [All features by client](all-features-by-client.md) list to see if the client is missing the feature.
Feature requests can be made at <https://git.jami.net>.
### Does Jami support read receipts? Can I turn them on or off?
Yes.
Read receipts can be enabled or disabled in the settings on Jami for Desktop, Android, Android TV and iOS.
### Does Jami support typing indicators? Can I turn them on or off?
Yes.
Typing indicators can be enabled or disabled in the settings on Jami for Desktop, Android, and iOS.
### Can I share my screen?
Yes.
Screen sharing is available on Jami for Desktop, and Android.
To activiate screen sharing, click the "Share screen" button while in an audio or a video call.
### Can I make group conference calls?
Yes.
Jami contacts can be added to (audio or video) calls by clicking the "Add participant" button.
### Does Jami support group chats?
Yes.
### Why aren't my sent messages showing up on all linked devices?
Before the implementation of Swarm Technology, an account's devices would only receive the same messages from contacts if the device was online at the time of the message being sent.
......@@ -110,7 +97,6 @@ The latest version of Jami is always available from the Download page of the Jam
To learn more about Swarm Technology, visit the blog post [Synchronizing conversation history with Swarm](https://jami.net/synchronizing-conversation-history-with-swarm/)
and visit the [Developer manual](/developer/index).
### Can I message offline contacts?
With Swarm Technology conversations, every device stores a copy of all of the messages in that conversation.
......@@ -126,7 +112,6 @@ If the participants in a conversation are often not online at the same time (for
The often-online device would receive the messages from each participant and relay it to the other(s) whenever they come online.
Thus, acting similarly to a "server", all the while Jami remains distributed by nature.
### Where are the configuration files located?
Jami saves its configuration (account, certificates, history) at different locations depending on the platform.
......@@ -155,7 +140,6 @@ Audio and video messages are recorded in the local-data in the folder: `sent_dat
For files, if a file is saved (right-click on the file, then Save), it will be added to the directory configured in the application settings.
### How much bandwidth do I need for calls?
For audio calls, Jami uses about 100 Kbps.
......@@ -168,7 +152,6 @@ So, for example, for a conference with 10 participants, each participant will ne
Jami also uses an algorithm to change the consumption depending of the quality of the link.
So, the bitrate can have a minimum of 200 Kbit/s and maximum of 6 Mbit/s.
### How can Savoir-Faire Linux Inc. (SFL) afford to give Jami away for free? How does SFL make money with Jami?
[Savoir-Faire Linux Inc.](https://savoirfairelinux.com/) (SFL) is a consulting company with some R&D projects.
......@@ -187,16 +170,13 @@ Jami recurring expenses:
+ As a distributed system, Jami incurs very low costs by design
+ Opt-in collection of anonymized statistics might be added in the future to better understand Jami usage; however, no personal data will be collected.
## Account management
### What is a Jami account?
A Jami account is an [asymmetric encryption key](https://en.wikipedia.org/wiki/Public-key_cryptography).
The Jami account is identified by a Jami ID, which is a [fingerprint](https://en.wikipedia.org/wiki/Public_key_fingerprint) of the public key.
### What information do I need to provide to create a Jami account?
When a new Jami account is created, private information like an email address, address, or phone number is not required.
......@@ -221,7 +201,6 @@ More information about Jami accounts is available in the
The Jami ID is displayed on the main page of the Jami app.
The Jami ID is a 40-character string of letters and numbers; for example: `f2c815f5554bcc22689ce84d45aefdda1bce9146`.
### Why don't I have to use a password?
On a centralized system, a password is required to authenticate with a public server where accounts are stored.
......@@ -239,7 +218,6 @@ Recent versions of Jami do not ask for an account encryption password by default
Changing a password will only change the password on the current device and it's not synced (because there is no server and other devices can be offline anyway).
```
### Why don't I have to register a username?
The most permanent, secure identifier is the Jami ID.
......@@ -250,12 +228,10 @@ If you don't register a username, you can still choose to register one later at
If you host your own name server at `example.com`, usernames registered there can be looked up by searching for `username@example.com`.
### Can I change my username?
Usernames are unable to be changed on the default name server (`ns.jami.net`).
### What is the difference between a username and a display name?
The username can be used as an identifier.
......@@ -265,7 +241,6 @@ Usernames are unique on the name server.
A display name allows you to choose another name that identifies a Jami account to contacts.
Display names can be edited or changed at any time and only trusted peers can see them.
### How can I back up my account?
There are two ways to back up an account:
......@@ -277,7 +252,6 @@ There are two ways to back up an account:
[Account management](/developer/jami-concepts/account-management.md) section of the Developer manual.
Some clients allow exporting the Jami account archive from Account settings.
### Can I retrieve my username without my keys?
If the default name server at `ns.jami.net` stores a username, the username **cannot** be retrieved without the key.
......@@ -296,7 +270,7 @@ No.
There is no traditional account recovery process;
the user is the only person with access to the user's data.
```{{tip}}
```{admonition} Tip
Use a password manager if there is a concern about forgetting the Jami account password.
```
......@@ -316,10 +290,9 @@ The contacts will still have the messages which were sent to them, but all publi
The default `ns.jami.net` name server **does not** delete any registered usernames -- other name servers might (not recommended), at their administrator's discretion.
So, if an account has a registered username on the default name server and the account is deleted or lost (without a backup), nobody (including the user) will be able to register a new account with that username again; thus, nobody can reach the user at that username anymore.
To avoid losing an account **please** {ref}`back it up <user/faq#how-can-i-back-up-my-account>`!
To avoid losing an account **please** {ref}`user/faq#how-can-i-back-up-my-account:back it up`!
```
### What happens when I link a new device?
When a device is linked to an account, the Jami account archive is put on the Jami network for a few minutes.
......@@ -327,16 +300,13 @@ The Jami account is protected with a password Jami provides.
The new device receives the full account certificate with the master RSA keys, and it generates a new device key for signing/encrypting messages.
## Advanced
### What protocol does Jami use for the end-to-end encryption?
We use TLS 1.3 with a perfect forward secrecy requirement for the negotiated ciphers for calls and file transfers.
Messages are encrypted with an RSA key.
### What data passes through my machine when I participate in the Jami network?
**All these data are encrypted**. There is:
......@@ -348,19 +318,16 @@ Messages are encrypted with an RSA key.
Audio/video streams and some text messages pass through the VOIP protocol.
Text messages can be sent either via VOIP or DHT (the distributed network) depending on whether a VOIP communication channel is already open or not.
### Why am I able to communicate with myself?
Many users use Jami to transfer data from one machine to another.
### Should I enable push notifications?
Push notifications allow Jami to operate in a way more adapted to the context of mobility (energy consumption, data, …).
However, for the moment, notifications go through Google's servers, via the Firebase service.
Only one identifier is transferred and it is unusable for anyone who does not have access to the account.
### What is a bootstrap server?
A bootstrap server is the entry point of the distributed network.
......@@ -422,13 +389,11 @@ Once registered, the name server **does not** provide any way to remove the mapp
More information about name servers is available in the
[Name Server protocol](/developer/jami-concepts/name-server-protocol.md) section of the Developer manual.
### How can I change the timeout for a call?
In the `dring.yml` file (see {ref}`user/faq:Where are the
configuration files located?`), the `ringingTimeout` value, measured in seconds, can be changed.
### How to back up and reimport conversations and accounts
```{note}
......@@ -442,19 +407,18 @@ Desktop clients run on GNU/Linux, macOS, and Windows operating systems.
2. Copy and save the database (in `~/.local/share/jami/` for example).
3. On the new device, to import the settings and contacts with empty conversations:
1. if Jami is opened for the first time, import the archive backup.
`I already have an account``Import from an archive backup`.
2. if Jami already has an account, import each archive backup.
`Add another account``I already have an account``Import from an archive backup`.
* if Jami is opened for the first time, import the archive backup.
`I already have an account``Import from an archive backup`.
* if Jami already has an account, import each archive backup.
`Add another account``I already have an account``Import from an archive backup`.
4. Close Jami and replace the database with the database previously saved.
### How secure are you?
**We use TLS/SRTP to secure connection and communications over the network.**
**TLS/SRTP is used to secure connection and communications over the network.**
We implement SRTP over SIP using recommendations described in the following two RFCs:
SRTP over SIP is implemented using recommendations described in the following two RFCs:
- [RFC 3711](https://tools.ietf.org/html/rfc3711)
- [RFC 4568](https://tools.ietf.org/html/rfc4568)
......@@ -464,22 +428,21 @@ One for the control socket, the other for the media sockets.
Typical control session will use the following cipher suite:
```
(TLS1.3)-(ECDHE-SECP384R1)-(RSA-PSS-RSAE-SHA384)-(AES-256-GCM)
(TLS_ECDHE_RSA_AES_256_GCM_SHA384)
(TLS1.3)-(ECDHE-SECP384R1)-(RSA-PSS-RSAE-SHA384)-(AES-256-GCM)
(TLS_ECDHE_RSA_AES_256_GCM_SHA384)
```
DTLS (fallback) supported:
```
"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"
"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-VERS-TLS-ALL:+VERS-DTLS-ALL:-RSA:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"
```
TLS:
```
"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-RSA:-GROUP-FFDHE4096:-GROUP-FFDHE6144:-GROUP-FFDHE8192:+GROUP-X25519:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"
"SECURE192:-KX-ALL:+ANON-ECDH:+ANON-DH:+SECURE192:-RSA:-GROUP-FFDHE4096:-GROUP-FFDHE6144:-GROUP-FFDHE8192:+GROUP-X25519:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION"
```
Supported crypto suite for the media session are:
- `AES_CM_128_HMAC_SHA1_80 / SRTP_AES128_CM_HMAC_SHA1_80`
- `AES_CM_128_HMAC_SHA1_32 / SRTP_AES128_CM_HMAC_SHA1_32`
......@@ -503,7 +466,6 @@ For all three scenarios, there are three main actions:
- placing a call (TCP + UDP ICE connection as described in the
[Calls](/developer/jami-concepts/calls.md) section of the Developer manual.
#### (1) A classic configuration
##### Send a message
......@@ -533,14 +495,14 @@ If you want a proof, you can compile dhtnode and run the `la` command to get you
This is what I got:
```
./tools/dhtnode -b bootstrap.jami.net
Bootstrap: bootstrap.jami.net:4222
OpenDHT node be58fdc9f782269bfc0bbfc21a60bca5f02cb881 running on port 54299
(type 'h' or 'help' for a list of possible commands)
>> la
Reported public addresses:
IPs OF MY VPN
./tools/dhtnode -b bootstrap.jami.net
Bootstrap: bootstrap.jami.net:4222
OpenDHT node be58fdc9f782269bfc0bbfc21a60bca5f02cb881 running on port 54299
(type 'h' or 'help' for a list of possible commands)
>> la
Reported public addresses:
IPs OF MY VPN
```
So, if you don't use a proxy, your VPN addresses will be used for using
......@@ -574,23 +536,22 @@ So, I did a file transfer with Jami + TOR.
This is what I see in the logs for the remote:
```
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a8c801 1 TCP 2130706431 192.168.200.1 33293 typ host tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a8c801 1 TCP 2130706431 192.168.200.1 9 typ host tcptype active
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a80103 1 TCP 2130706431 192.168.1.3 33293 typ host tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a80103 1 TCP 2130706431 192.168.1.3 9 typ host tcptype active
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: R33fe279d 1 TCP 16777215 51.254.39.157 27427 typ relay tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Sc0a8c801 1 TCP 1694498815 185.220.101.24 33293 typ srflx tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a8c801 1 TCP 2130706431 192.168.200.1 33293 typ host tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a8c801 1 TCP 2130706431 192.168.200.1 9 typ host tcptype active
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a80103 1 TCP 2130706431 192.168.1.3 33293 typ host tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Hc0a80103 1 TCP 2130706431 192.168.1.3 9 typ host tcptype active
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: R33fe279d 1 TCP 16777215 51.254.39.157 27427 typ relay tcptype passive
[1574218330.556|10688|p2p.cpp :241 ] [Account:93a03f519f394143] add remote ICE candidate: Sc0a8c801 1 TCP 1694498815 185.220.101.24 33293 typ srflx tcptype passive
```
The first ones are some 192.168.x.x so we don't care. 51.254.39.157 is the TURN address in France (my device is in the Canada).
185.220.101.24 is the Tor exit node:
```
inetnum: 185.220.101.0 - 185.220.101.127
netname: MK-TOR-EXIT
inetnum: 185.220.101.0 - 185.220.101.127
netname: MK-TOR-EXIT
```
##### Do a call
This will not work (actually, you can create the SIP control connection
......@@ -640,40 +601,39 @@ If you will use this Jami account for communicating only with only with other de
If you do so, and later you decide to use this account also for communicating with other Jami devices outside your network, don't forget to enable TURN again, as it helps Jami work around issues with some overly restrictive firewalls.
```
### How can I configure the codecs even more?
Codecs can be configured via a file. In the configurations files, you
can create a file called `encoder.json` like this:
```
{
"libx264": {
"profile": 100,
"level": 42,
"crf": 20,
"preset": "ultrafast"
},
"h264_vaapi": {
"low_power": 1
},
"libopus": {
"application": "voip"
}
}
{
"libx264": {
"profile": 100,
"level": 42,
"crf": 20,
"preset": "ultrafast"
},
"h264_vaapi": {
"low_power": 1
},
"libopus": {
"application": "voip"
}
}
```
or:
```
{
"libopus": {
"bit_rate": 128000
}
}
{
"libopus": {
"bit_rate": 128000
}
}
```
This file is {ref}`located in the same directory <user/faq#where-are-the-configuration-files-located>` as `dring.yml`.
This file is {ref}`user/faq#where-are-the-configuration-files-located:located in the same directory` as `dring.yml`.
To check which options are supported, use the command `ffmpeg -h
encoder=[encoder_name]`, where `encoder_name` can be any of `libx264`, `libvpx`, `mpeg4`, `h263`, `libopus`, `libspeex`, `g722`, `pcm_alaw`, or `pcm_mulaw` (the FFmpeg names for all of Jami's supported encoders).
......@@ -684,7 +644,7 @@ An audio processor allows Jami to clean up and process your microphone's audio.
It can remove echo, reduce noise, and equalize your microphone's volume.
Additionally, it can detect when you're speaking and send this information to participants in your call.
The audio processor settings can be set in your `dring.yml` file.
See {ref}`this section to find where this file is located <config-file-location>`.
See {ref}`where-are-the-configuration-files-located:this section to find where this file is located`.
The relevant preference keys are:
......@@ -703,4 +663,4 @@ The relevant preference keys are:
- `noiseReduce`, `true`/`false` to set noise reduction on the audio processor
- `automaticGainControl`, `true`/`false` to set automatic gain control on the audio processor
- `voiceActivityDetection`, `true`/`false` to set voice activity detection on the audio processor
- `voiceActivityDetection`, `true`/`false` to set voice activity detection on the audio processor
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment