On 12/22/2014 11:28 AM, Bartosz Małkowski wrote: > I'm not sure we should start new XMPP stream covered by OTR. It > depends on what we want to do. We can't hide that communication > between A and B happens. Does encrypting whole stanzas is worth of > complications?
We couldn't hide the fact that communication happens between A and B,
but we could hide what type of communication happens. Eg. are messages
being exchanged, is presence being exchanged, are files being exchanged,
etc.
(this is assuming we were to design some sort of solution where all
wrapper messages look identical, and the actual XMPP stream is encased
within those messages, which isn't necessarily something we want or
don't want to do yet).
eg. after the initial setup / stream initialization:
<!-- All messages looks like this to the server. Nothing else gets
sent unless it's in the OTR stream. -->
<message to="B" from="A" type="otr">
---OTR-ENCRYPTED---
<something>could be any type of XMPP message</something>
---END-OTR---
</message>
Ignore the `type' as I'm not sure that's something we want either. We'd
have to ensure that whatever we do doesn't break OTR's goal of plausable
deniability. This is just an example based on what I think you were
saying and how it adds so
—Sam
--
Sam Whited
pub 4096R/54083AE104EA7AD3
https://blog.samwhited.com
signature.asc
Description: OpenPGP digital signature
