On Wed, Apr 16, 2014 at 3:32 PM, Bernard Tyers - ei8fdb <ei8...@ei8fdb.org>wrote:
> > On 9 Apr 2014, at 17:55, Ian Goldberg <i...@cypherpunks.ca> wrote: > > > OTR is a protocol. Different implementations of the protocol might use > > different libraries. But it doesn't really matter what library the OTR > > implementation uses; if a vulnerable openssl is used in your IM client > > *at all*, you're vulnerable. > > > > The standard libotr uses libgcrypt, for the record. > > Hi Ian, > > Can you explain when where an IM client would use openssl in terms of OTR? > I think I am misunderstanding the your comment. > In terms of OTR you are not, so if your IM client use openssl to any implementation (following Ian comment) your are vulnerable. Regards, > > I’d like to know how IM clients (if any) could be affected, in terms of > OTR, or file transfers, etc.. > > thanks, > Bernard > > -------------------------------------- > Bernard / bluboxthief / ei8fdb > > If you’d like to get in touch, please do: http://me.ei8fdb.org/ > > > > > > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > -- Cristian Salamea @ovnicraft
_______________________________________________ OTR-users mailing list OTR-users@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-users
