Hi Dominik,

On 14.05.2014 08:36, Dominik George wrote:
>> attached a patch for mod_carbons to ignore otr encrypted messages.
>>
>> Otr encrypted messages can't be readable for other clients, because of
>> the Diffie-Hellman key exchange so it is useless to send the messages to
>> other clients.
> 
> I like the idea; in fact, I have disabled mod_carbons because it breaks OTR.
> 
> But, is that ?OTR substring specific enough to the protocol that it does not 
> match any false positives?

False positives are possible, if someone writes a message starting with
'?OTR'. An option, but disproportionally complicate, is to write regular
expressions for the different possibilities.

Imho message starting with '?OTR' are unusual enough that it is ok to
not propagate them to other clients.

> Not a major issue I think, and I also think that OTR should be fixed instead 
> of 
> carbons, but yet, just a hint ;).

It is not possible to fix this in OTR, if you will keep
End2End-Encryption and Forward secrecy.

Regards,
 Martin

-- 
You received this message because you are subscribed to the Google Groups 
"prosody-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to prosody-dev+unsubscr...@googlegroups.com.
To post to this group, send email to prosody-dev@googlegroups.com.
Visit this group at http://groups.google.com/group/prosody-dev.
For more options, visit https://groups.google.com/d/optout.

Reply via email to