Hi Justin! Thanks for your perspective, and sorry for the delayed reply.
Justin Karneges wrote: > So, here's a question: can we create a protocol that allows the same user > experience as OTR, but instead is based on something proven? I believe the > answer is yes. Both RFC 3923 and XTLS would allow for an identical user > experience as OTR. Sure, these systems may have different underlying crypto > featuresets than OTR (e.g, neither have deniability), but they are featureful > enough for most purposes. > > Does this mean we should abandon esessions? I don't think so. It offers the > ultimate set of features that we would like to have eventually, and it takes > advantage of XMPP in ways other protocols can't. It is looking to the > future. However, it doesn't offer any user experience improvements over the > other options (except for perhaps its use of SAS, but I'd like to investigate > if we can do that in an S/MIME or TLS context before granting that). With > that in mind, we could develop a system that is good enough today *and* that > the user can fall in love with. We don't need OTR or esessions to have such > a system. Well, that is the question. Perhaps we can find a way to some answers during the meeting that starts in 15 minutes. :) I hope you'll be there: http://www.xmpp.org/council/agendas/2007-11-07.html Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
