On 2014-10-29 05:49, Ian Goldberg wrote:
> On Tue, Oct 28, 2014 at 08:56:07PM -0400, Filipus Klutiero wrote:
>> I am not convinced this is a good thing, but for sure the current
>> phrasing is incorrect. According to the technical paper, OTR would
>> merely send the key to the other participant, so only he could forge
>> messages, unless someone captured the message. So the only person who
>> can forge messages after the conversation is the other participant.
>> Since he could already forge messages, that measure does not increase
>> deniability in normal circumstances.
> No, that's not quite right; OTR sends the authentication (MAC) key *in
> the clear* so that anyone capturing the traffic on the wire can
> subsequently modify transcripts however they like.

That's also what I was saying. It is not encrypted, but it has no effect except 
in cases where the communication is captured.

--
Filipus Klutiero
http://www.philippecloutier.com
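
The property discussed in this thread, as an added example that is not part of the original messages or of OTR's code: a simplified model in which an old MAC key is published in the clear with a later message, so a MAC on a captured record stops being evidence of who wrote it. HMAC-SHA256, the record layout and all names here are assumptions for illustration, not the OTR wire format.

```python
import hashlib
import hmac
import os


def mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()


def verify(key: bytes, record: dict) -> bool:
    return hmac.compare_digest(mac(key, record["body"]), record["mac"])


def simulate_session():
    """Constructed two-message exchange; returns (wire, k1).

    Message 2 carries k1, the MAC key of message 1, in the clear,
    because that key is no longer needed for authentication.
    """
    k1, k2 = os.urandom(20), os.urandom(20)
    body1, body2 = b"opaque-encrypted-body-1", b"opaque-encrypted-body-2"
    wire = [
        {"id": 1, "body": body1, "mac": mac(k1, body1), "revealed": []},
        {"id": 2, "body": body2, "mac": mac(k2, body2), "revealed": [k1]},
    ]
    return wire, k1


def rewrite_record(capture: list, record_id: int, new_body: bytes):
    """Return a re-MACed replacement for record_id using only keys that
    appear in the capture, or None if the capture holds no matching key."""
    original = next(r for r in capture if r["id"] == record_id)
    revealed = [k for rec in capture for k in rec["revealed"]]
    for key in revealed:
        if verify(key, original):  # this revealed key belonged to that record
            return {**original, "body": new_body, "mac": mac(key, new_body)}
    return None


if __name__ == "__main__":
    wire, k1 = simulate_session()
    altered = rewrite_record(wire, 1, b"a different body")
    # Original and altered records both verify under k1, so a transcript
    # with a valid MAC does not show which of them was really sent.
    print(verify(k1, wire[0]), verify(k1, altered))
    # Without the captured reveal, or for a key not yet revealed: nothing.
    print(rewrite_record(wire[:1], 1, b"x"), rewrite_record(wire, 2, b"x"))
```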

