On 19/07/11 1:59 PM, James A. Donald wrote:
On 2011-07-19 9:48 AM, Ian G wrote:
OTR makes the same error. It takes a very interesting mathematical
property, and extend it into the hard human world, as if the words carry
the same meaning. Perhaps, once upon a time, in some TV court room
drama, someone got away with lying about a document? From this, OTR
suggests that mathematics can help you deny a transcript? It can't. It
can certainly muddy the waters, it can certainly give you enough rope to
hang yourself, but what it can't do is give some veneer of "it didn't
happen." Not in court, not in the hard world of humans.
OTR gives you the same deniability as a plaintext communicated person to
person. "He said ... she said"
(I suspect a confusion here. A plaintext is a document, whereas "he
said, she said" is witnessed or hearsay. They have wildly different
effects in court, under interrogation.)
No more, and no less.
But that is quite a lot of deniability.
Actually, I suspect not. I humbly submit to the court that a plaintext
document plus the presence of OTR is somewhat less deniable than a
plaintext document by itself, which are both less deniable than a
non-existing document.
Perhaps we could lump this under the law of unexpected consequences?
Part of the problem I have semantically with OTR is that it isn't OTR.
The presence of a record means it is on the record. While
OTR-the-product might be attempting to decrease the tamper-resistance
qualities of the document, there is manifestly a document. And such
presence tends to outweigh in real life any advantage gained by tampering.
If it was truly OTR, it would turn off the record. That's what it
means, the tape stops rolling, the typist stops typing.
Probably we can't achieve precisly that, within the context of p2p
communications without TCBs. But we can come close. There are
possibilities: Counterparties can contract to delete the record
afterwards, exposing themselves to civil claims if this is not done.
Further, it might be possible to make declarations under penalties of
perjury that the record has been deleted. Or, we could IPR it, or even
invoke DMCA over it, and have the OTR application do the deed under a
technological protection.
I'm not suggesting that this be done; just that it seems to be evident
that OTR doesn't take much in the way of steps to take something "off
the record." What it does achieve, IMHO, is make it easier for a court
to rule against a false repudiation. This is hard to see as an
advantage to the users, who might be tempted to talk as if they can
later deny the conversation. E.g., wikipedia, that notably deniable
authority, says:
"The primary motivation behind the protocol was providing deniability
for the conversation participants while keeping conversations
confidential, like a private conversation in real life, or off the
record in journalism sourcing."
http://en.wikipedia.org/wiki/Off-the-Record_Messaging
iang, the other other one
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
