On Tue, Mar 15, 2005 at 02:14:48PM -0500, Ian Goldberg wrote:

> OTR works over Jabber today.  Granted, it's not very "Jabberish" (as far
> as I understand the term; I don't know the Jabber protocol very well):
> it just replaces the text of the message with ciphertext.  [gaim, at
> least, doesn't seem to have a way to construct a more "Jabberish"
> message, as far as I could tell.]
> 
> I'd be more than happy to help Jabber-ify the OTR protocol.  The reason
> we designed OTR was exactly that the GPG-over-IM solutions have
> semantics that don't match those of a private conversation: you have
> long-term encryption keys, as well as digital signatures on messages.
> You don't *want* Bob to be able to prove to Charlie that Alice said what
> she did.  [Yet you want Bob to be himself assured of Alice's
> authorship.]  And a compromise of Bob's computer tomorrow should not
> expose today's messages.
> 
> OTR also adds a couple of extra features (malleable encryption,
> publishing of the MAC keys, a toolkit for forging transcripts) to help
> Alice claim that someone's putting words in her mouth.

Obviously I need to read up more on OTR, but thanks for the offer of
assistance -- I'll reply further when my level of ignorance is not quite
so high as it is now.

/psa


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to