On Fri, Apr 17, 2015, at 12:21 PM, Daniel Kahn Gillmor wrote: > Can you propose a specific addition to the text that would improve the > situation without distracting from the main goals of the documentation? > > I'm not part of the otr team myself, but i imagine that kind of concrete > contribution would be welcome. Projects like OTR need good documenation > as much as they need good code. Thanks for highlighting this gap. Can > you help fix it?
That is a good suggestion. It makes sense that a docs patch would be more welcome than just criticism. I'll think about how to word it. > > all security is completely dependent on the secrecy of the private > > key. > > Hm i think this might be overstating the case. not "all security" is > dependent on the secrecy of the secret key. For example, the > confidentiality of *past* messages is not compromised if an attacker > violates the secrecy of the secret key in the future. Thank you for that correction. I forgot about perfect forward secrecy. _______________________________________________ OTR-users mailing list OTR-users@lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-users
