On Fri Mar 25 15:12:19 2011, Nicolas Vérité wrote:
> OK, let's think about this stupid example (sorry, I got no imagination):
>
> Nyco: Hi Peter, how are you?
> Peter: I'm fine, thank you
> Nyco: and how is your work?
> Peter: it is fine too
> Nyco: OK, bye
> Peter has left the conversation
>
> Now since I'm malicious, I'll change my messages. Here is the
> modified history:
>
> Nyco: Hi Peter, how are you since you were painted in blue?
> Peter: I'm fine, thank you
> Nyco: and how about being dressed in green penguin with tentacles?
> Peter: it is fine too
> Nyco: wow, then
> Peter has left the conversation
>
> How can we prevent this? (because we must prevent this... do you
> disagree?)

I don't see that this is dependent on being able to edit messages.
Consider:
1) Peter's client can maintain the history *including edits*, thus
defeating this.
2) Your client could fabricate the entire conversation *without
edits*, and you could hand it out.
If you want to defeat such things, we need message integrity and
authentication, which basically means signing.
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
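
An added example, not part of the original message, of the signing the reply calls for: each entry is signed by its sender, and the signature also covers a digest of the previous entry, so a history in which one side changed its own lines no longer verifies at the other side's reply. The Ed25519 keys, the entry layout, the chaining to the previous entry and all function names are assumptions of this example (the thread only says "signing"), and the transcript is constructed from the first two lines of the conversation above.

```javascript
const crypto = require("node:crypto");

// Constructed key pairs for the two participants named in the thread.
// Assumption: each side already knows the other's real public key.
const nyco = crypto.generateKeyPairSync("ed25519");
const peter = crypto.generateKeyPairSync("ed25519");
const publicKeys = { Nyco: nyco.publicKey, Peter: peter.publicKey };

const digest = (...parts) =>
  crypto.createHash("sha256").update(JSON.stringify(parts)).digest("hex");

// A signature covers the digest of the previous entry as well as the sender
// and body, so Peter's answer is bound to the exact question it answered.
const signedBytes = (prev, from, body) => Buffer.from(JSON.stringify([prev, from, body]));

function append(log, from, privateKey, body) {
  const prev = log.length ? log[log.length - 1].digest : "";
  const sig = crypto.sign(null, signedBytes(prev, from, body), privateKey).toString("base64");
  log.push({ from, body, sig, digest: digest(prev, from, body, sig) });
  return log;
}

// Index of the first entry whose signature does not verify, or -1 if all do.
// Digests are recomputed here; the ones stored in the log are not trusted.
function firstBadEntry(log, keys) {
  let prev = "";
  for (const [i, m] of log.entries()) {
    const sig = Buffer.from(m.sig, "base64");
    const key = keys[m.from]; // unknown sender counts as a failure
    if (!key || !crypto.verify(null, signedBytes(prev, m.from, m.body), key, sig)) return i;
    prev = digest(prev, m.from, m.body, m.sig);
  }
  return -1;
}

// Constructed transcript as both clients recorded it.
const original = [];
append(original, "Nyco", nyco.privateKey, "Hi Peter, how are you?");
append(original, "Peter", peter.privateKey, "I'm fine, thank you");

// The modified history: Nyco re-signs his own changed line (he holds that key)
// and reuses Peter's signed reply unchanged.
const modified = [];
append(modified, "Nyco", nyco.privateKey, "Hi Peter, how are you since you were painted in blue?");
modified.push({ ...original[1] });

console.log(firstBadEntry(original, publicKeys), firstBadEntry(modified, publicKeys));
```

Signing each message on its own would not be enough here: Nyco's re-signed line verifies by itself, and it is only Peter's signature over the previous entry's digest that exposes the change.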