On Tue, Mar 15, 2005 at 02:14:48PM -0500, Ian Goldberg wrote: > OTR works over Jabber today. Granted, it's not very "Jabberish" (as far > as I understand the term; I don't know the Jabber protocol very well): > it just replaces the text of the message with ciphertext. [gaim, at > least, doesn't seem to have a way to construct a more "Jabberish" > message, as far as I could tell.] > > I'd be more than happy to help Jabber-ify the OTR protocol. The reason > we designed OTR was exactly that the GPG-over-IM solutions have > semantics that don't match those of a private conversation: you have > long-term encryption keys, as well as digital signatures on messages. > You don't *want* Bob to be able to prove to Charlie that Alice said what > she did. [Yet you want Bob to be himself assured of Alice's > authorship.] And a compromise of Bob's computer tomorrow should not > expose today's messages. > > OTR also adds a couple of extra features (malleable encryption, > publishing of the MAC keys, a toolkit for forging transcripts) to help > Alice claim that someone's putting words in her mouth.
Obviously I need to read up more on OTR, but thanks for the offer of assistance -- I'll reply further when my level of ignorance is not quite so high as it is now. /psa --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
