On Sat, Jul 27, 2013 at 11:51:33PM +0200, Randolph D. wrote:
> Oh that's great. I will test OTR more and look for the API
> The E*MPP Server and Echo protocol is described here:
> https://sourceforge.net/p/spot-on/code/1576/tree/branches/0.02/Documentation/PROTOCOLS
All I see there is a bunch of stanzas like:
Message Type ("0001a") (Plaintext)
TTL (Plaintext)
0 - Symmetric Key (Base-64) (Ciphertext, PK)
EOL
1 - Symmetric Key Algorithm (Base-64) (Ciphertext, PK)
EOL
2 - Sender's Sha-512 Hash (Base-64) (Ciphertext, SK)
EOL
3 - Recipient's Sha-512 Hash (Base-64) (Ciphertext, SK)
EOL
4 - Symmetric Key (Base-64) (Ciphertext, PK)
EOL
5 - Symmetric Key Algorithm (Base-64) (Ciphertext, PK)
EOL
6 - Sender's Signature Sha-512 Hash (Base-64) (Ciphertext, PK)
EOL
7 - Sender's Name (Base-64) (Ciphertext, SK)
EOL
8 - Subject (Base-64) (Ciphertext, SK)
EOL
9 - Message (Base-64) (Ciphertext, SK)
EOL
10 - Keyed Sha-512 Message Code (Base-64) (Plaintext)
with no explanation at all. What keys are there in the system? Which
are long term? Which are short term? How are keys distributed /
computed? What is the network model? The threat model? The purpose of
the protocol? Where is the state machine to be implemented at each
node?
> From what I see, it would be a good Feature, to send Echo over OTR.
> For that the OTR could be hybrid with a libspoton kernel.
> I mean, OTR would be be affected by it, if you enter plaintext or
> cryptotext from libspoton.
> It would allow to use any Messenger connection to transfer either own or as
> well foreign Messages and you would transcend Firewalls in the sense of
> closed societies. When one jabber chat works, from china to outside you can
> also send the echo over it for many users. on the other side the ORT
> sends it to E*MPP again and spreads the echo on.
> Adding the GoldBug kernel (libspoton) to OTR would add even several
> encryption layers to OTR, so a good match for both.
I don't see why this is a good match at all.
> Can you study the kernel and GB release as well?
I haven't seen any documentation to look at. (And even if there were,
it's unlikely I could spend cycles on it at this time.)
> Are you the developer of OTR?
I am the lead of the project, and usually the lead developer.
How are you involved with Goldbug? Can you produce better
documentation for it and its underlying protocols?
Thanks,
- Ian
_______________________________________________
OTR-dev mailing list
OTR-dev@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
