On Thu, Mar 20, 2014 at 3:21 AM, Ximin Luo <[email protected]> wrote: > The stuff the developer posted in the other fork of this thread is really > something. I wish we had a cryptographic equivalent of funroll-loops.info. > > "This is just the key exchange; not trying to sign or otherwise authenticate > here."
What if I told you that the original OTR protocol, that most of these “good” chat apps that crypto experts are so happy with are based upon, had a completely trivial MITM in key exchange part [1]? Really something! [1] http://dx.doi.org/10.1145/1102199.1102216 -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
