Hi, are there any plans to integrate OTR keys with PGP? (c.f. how monkeysphere integrates SSH keys with PGP).
It's good that crypto products don't also try to provide a PKI and reimplement the wheel, but then they should actually *use* existing ones to fill this gap! Also, how does OTR prevent MITM against "Q/A" and "Shared secret" auth[1], as I was under the impression that only physical face-to-face verification of fingerprints (or a derived process, e.g. PGP's WoT) can prevent such attacks. X [1] http://www.cypherpunks.ca/otr/help/3.2.0/authenticate.php -- GPG: 4096R/5FBBDBCE https://github.com/infinity0 https://bitbucket.org/infinity0 https://launchpad.net/~infinity0
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OTR-users mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-users
