Configure DC-Account through QR-Code

I would like to suggest that Deltachat apps should learn how to configure an account from a QR-code.

Email-providers could then generate QR-codes for their users (or admins could generate them for their organisational members, or group-techies for their allies), in order to make it even easier to get started with Deltachat.

As far as I know there is no (living) standard for encoding credentials in a string. I’m only aware of QR-codes that contain a URL to download a configuration profile (e.g. fastmail.com). But those are OS-specific, more complex and maybe not even well applicable?

So I think you would be free to invent your own scheme. But it might be easiest to just re-use the response format of mailadm?

(It might be useful to think about the extensibility of the scheme: I can e.g. imagine that organisations would like to include an email-address into the QR-code, which is used to open a chat with and compose a draft à la “I made it”, that only needs a tap to be sent. This way the sending admin could know who successfully set up their Deltachat app, and could then invite those people to a group.)

1 Like

Thanks for bringing this up! With Bjoern and others we already had discussions around this.
I’d avoid re-using the existing dcaccount burner-account format (it takes a URL) but rather design a specific “account setup transferal” QR code, with few required and several optional fields (relating to the various config settings that delta chat internally has for an account):

  • required: mail-domain, username, password
  • optional: imap-server/smtp-server/ports/tls-policy/…

and it would be good to design it such that we can add more optional fields later (eg pre-shared SSL-cert fingerprint etc.). So we need a text format for specifying such config values. Maybe DKIM header=value format with header specified via single chars? I think it’s based on some MIME standard and we probably have the code for both directions already in core.

Note that it could be useful to transfer a secret PGP key in the QR code as well. This way one Delta Chat user could transfer a full account setup to another user’s DC device (or a second of their own). This is nice if multiple people want to operate a “functional” or “collective” account such as “support@…” or “press@…”.

1 Like

we should keep in mind the maximum size of QR codes
https://www.qrcode.com/en/about/version.html
depending on the error correction level the max size ranges from 1.273kB to 2.953kB (English comma).

might be worth looking into whether we could read them too for initial account config.

To “get around” the limited size, couldn’t you zip it and use the base64 encoder? :thinking:

Related: https://github.com/deltachat/deltachat-core-rust/issues/1233

2 Likes

Sure, i am aware of the size limits. ASCII version of a secret ED25519 PGP key is 400 bytes.
I don’t think we hit size limits for account-setup-transfer QR codes unless we want to include full-hd avatars into them :slight_smile:
Let’s not get lost in this optimization consideration – the real thing here is defining the format, introducing it into the core, and teaching the UX to show a localized message where users can say “yes” to.

base64 makes everything about a third bigger :wink:

1 Like

I would like to be able to see what config values are applied, possibly in a table behind an advanced button or sth like that. That would be useful for debugging and when we have config qr codes that modify the account to increase security because then the user can look what exactly is being modified.

for simplicity over format complexity/size optimizations I would just use:

key=value
config_var=value2
...

instead of thinking of 1 letter aliases of the config keys, if we only support ED25519 keys we don’t have to worry about space that much (min. 870bytes free for more information, in utf-8 encoding that would be ~30 simple config vars or more)
If it turns out to be an issue in the future we could still define aliases and if required even use a binary format.

An exception would be when we would also store the key for a group that should be joined, then the space might get low on highest error correction.
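An added sketch of the key=value idea discussed above (not Delta Chat's code and not the format that was eventually adopted): a strict parser that only accepts an allowlist of keys, produces the "what will be applied" table with the password masked, and checks the payload against the version-40 byte capacities from the qrcode.com table. The key names are hypothetical, taken from the fields listed in the thread, and the sample input is constructed.

```python
import base64

# QR version 40, byte-mode capacity per error-correction level (bytes).
QR_V40_BYTES = {"L": 2953, "M": 2331, "Q": 1663, "H": 1273}

# Hypothetical key names, based on the fields listed in the thread.
REQUIRED = {"mail-domain", "username", "password"}
OPTIONAL = {"imap-server", "smtp-server", "imap-port", "smtp-port", "tls-policy"}
SECRET = {"password"}


def parse_setup(text):
    """Parse key=value lines; reject anything outside the allowlist."""
    cfg = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        # Split on the first '=' only, so values may contain '='.
        key, sep, value = line.partition("=")
        key = key.strip()
        if not sep or not value:
            raise ValueError(f"line {n}: expected key=value")
        if key not in REQUIRED | OPTIONAL:
            raise ValueError(f"line {n}: unknown key {key!r}")
        if key in cfg:
            raise ValueError(f"line {n}: duplicate key {key!r}")
        cfg[key] = value
    missing = REQUIRED - set(cfg)
    if missing:
        raise ValueError("missing required: " + ", ".join(sorted(missing)))
    return cfg


def review_table(cfg):
    """Rows for a 'what will be applied' view, with secrets masked."""
    return [(k, "*" * 8 if k in SECRET else v) for k, v in sorted(cfg.items())]


def fits(payload, level):
    """True if payload (bytes) fits one version-40 QR code at this level."""
    return len(payload) <= QR_V40_BYTES[level]


# Constructed sample input, not a real account.
SAMPLE = "mail-domain=example.org\nusername=alice\npassword=pw=with=equals\nimap-port=993\n"

if __name__ == "__main__":
    for row in review_table(parse_setup(SAMPLE)):
        print("%-12s %s" % row)
    raw = SAMPLE.encode("utf-8")
    print(len(raw), len(base64.b64encode(raw)), fits(raw, "H"))
```

Rejecting unknown and duplicate keys keeps a scanned code from setting anything beyond the account-setup fields the confirmation dialog describes.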

I suggest to use a specific account-setup-transfer QR code UX and not a generic “modify any config values” one. The account-setup-transfer would have one localized high-level explanation and if a user accepts the action, will define/setup a whole account with whatever settings. Let’s assume a user that is less us but rather maybe the furthest-away-from-technical-details relative/friend you know.

1 Like

For providers offering AutoConfiguration an Aztec Code should be programmatically simple to derive. You could similarly derive the far inferior qr code matrix.

Could the same idea be used for DC to allow further devices to share the account?

Similar to how Viber does.

(Obviously, you’d sacrifice transfer of older messages you’d get with the backup method)

If passwords are included in the QR code it might be a good idea to at least encrypt the whole thing with a 4-6 chars PIN or password.

Now that we have that feature. How would I create a QR-code that someone can scan as part of the “Add Account > Scan Invitation Code” interface and get their Delta Chat account auto-configured?
I know how to create QR codes with an app like https://f-droid.org/en/packages/com.example.barcodescanner/, but what data would I put in?
I imagine it would begin with “DCACCOUNT:” as that’s what the nine.testrun.org server does, but then it points to a PY file on a webserver.

Is it possible to do something like:
DCACCOUNT:imap-server=mail.example.com&smtp-server=mail.example.com&username=alice@example.com&pass=alicepass1234
?

Yes it meanwhile exists, you are looking for interface/uri-schemes.md at master · deltachat/interface · GitHub

  • DCACCOUNT: is for a url to a webserver that returns credentials as json.
    • useful if you want to onboard many people at once
  • DCLOGIN: is a qr code that contains the credentials and advanced settings directly in the qr code without asking a server.
    • (don’t forget the version/v argument, it is mandatory)
    • useful when you want to login to a specific account, though note that you should use the “setup second device” option if you want to use multiple devices with the same account (they need to have the same private key or you’ll get message decryption problems)

1 Like

In my experience url schemes do not work if you use the Tor Browser. I don’t know if anybody else has tested this? It’s great to have the url schemes but it would also be nice to have alternative options so that Tor users don’t get left behind. For example maybe the ability to copy the QR code as a string and paste it inside the Delta Chat app?

Hi @bencan, that is how Delta Chat already works: clicking the links opens them directly with the Delta Chat app if supported by your phone, without opening in the browser. You can also already do what you said: just use the paste-the-link-from-clipboard option in the QR scanner. You don’t need the raw QR data for that; pasting the link there also works because the link already has the QR data and Delta Chat knows this.

1 Like

Thanks @adbenitez, I tried your suggestion of pasting the link into the app and it worked! I wasn’t aware that this was possible because the instructions at nine.testrun.org don’t mention anything about this and I couldn’t find this method described in any documentation. (My first impression was just “Oh, the website’s broken!”)