[OTR-dev] Secure connections through a connect/disconnect cycle, OTR error messages
Ian Goldberg
ian at cypherpunks.ca
Thu Jan 27 07:03:02 EST 2005
On Wed, Jan 26, 2005 at 01:25:17PM -0800, verbal wrote:
> On Wed, 26 Jan 2005 14:57:12 -0600, Evan Schoenberg <evan.s at dreskin.net> wrote:
> > I think the lack of ?OTR messages is insufficient... that doesn't do
> > anything until bob sends a message and that message fails... Part of
> > the purpose of such a 'heads up' is that bob can react without us
> > having to wait for a message send to fail before any one is the wiser.
> >
>
> what do you mean by letting bob "react", ie what would bob do? if
> alice and bob are in an OTR conversation and alice turns it off. alice
> sends in plaintext to bob, which is ok because alice knows she is
> sending plaintext cause she set it while bob is sending in encrypted
> text which is ok because he still thinks they're encrypted.
Don't forget to take into account the case where Alice and Bob are in a
secure conversation, but Eve sends a message to Bob (pretending to be
Alice), trying to convince Bob to turn off OTR. That could either be
the above plaintext, or the "heads-up" message, or whatever.
It's *vital* that Bob _not_ turn off OTR in response to anything except
Alice (_in_ an OTR conversation) saying "OK, I'm turning off OTR now.".
[But this method does work OK.]
- Ian
More information about the OTR-dev
mailing list