Justin Karneges wrote:
On Tuesday 19 August 2008 12:06:50 Jonathan Dickinson wrote:Very good point Justin. Even if we implement SRP chances are that you could get a few lazy developers that don't quit on the documented failure points. Something simple to implement (I am going to read up on OTR now :)) may be a good solution.No, no. To be clear, I'm not recommending OTR. I'm sure Ian Goldberg is a great guy, but OTR hasn't been put through the wringer like TLS has been.OTR was invented for the deniability feature. However, I argue that OTR is popular today due to its usability, not due to deniability (or any of its security features for that matter). Ian wanted deniability and hassle-free crypto, but the users of the world really only wanted hassle-free crypto. OTR therefore meets the needs of the users, but the fact is, the users didn't need a brand new protocol in order for their needs to be met. OTR could just as well have been based on TLS instead of its own protocol, and it would have been just as popular.
Agreed.I also assert that deniability is not necessarily desirable (it depends on the requirements for the system under consideration, and I've talked to "customers" of XMPP who positively cannot have deniability). I also assert that cryptographic deniability is useless in the real world anyway, but that's a separate topic.
/psa
smime.p7s
Description: S/MIME Cryptographic Signature
