- Gajim might intelligently set a Tor socks user name per account already. Do we still manually specify a user/password?
- Gajim developers said they don't intelligently set a Tor socks user name per account. https://dev.gajim.org/gajim/gajim/issues/9213
- (3) TODO: create an AppArmor profile
- does it have any protocol leaks?
- (4) TODO: check Gajim's built-in XML console
- how to pre-configure Gajim with all these settings by default as a linux distribution?
- (5) TODO: feature request for .d config folder support - https://dev.gajim.org/gajim/gajim/issues/9214
- feature request: Forcing OMEMO out of the box
Was a blocker:
- Despite the proxy setting, it routes DNS requests use system default networking, thus end up in Tor's TransPort, thereby DNS is not stream isolated.
- --> Strict stream isolation removed from Whonix Default Application Policy.
- Are uploads by gajim-httpupload encrypted using gajim-omemo?
- Developer responded: "yes if you have activated OMEMO, httpupload will always encrypt the file, in fact you can not send a unencrypted file with OMEMO activated even if you wanted."
- Plugin installer is only using https for verification which is weaker than gpg which is used by apt-get which is usually used to install software.  
- some answers here: https://dev.gajim.org/gajim/gajim/issues/8651
- gajim Whonix integration development discussion: https://forums.whonix.org/t/gajim-messenger
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.