From mail at scottellis.com.au Tue May 1 08:38:27 2007 From: mail at scottellis.com.au (Scott Ellis) Date: Tue, 1 May 2007 22:38:27 +1000 Subject: [OTR-dev] session termination In-Reply-To: <20070430012622.GM10564@yoink.cs.uwaterloo.ca> References: <96e269140704282247j28650c70tdbebc99d8fb49eba@mail.gmail.com> <20070429194343.GJ10564@yoink.cs.uwaterloo.ca> <2a12af650704291746p5e27b5f5m5ed0928fe5c172ee@mail.gmail.com> <20070430012622.GM10564@yoink.cs.uwaterloo.ca> Message-ID: <96e269140705010538q1b9a6f62teaf5eca7245d96cf@mail.gmail.com> Hm. So there's no easy way to solve it. I can't find a reliable way to send a message before a protocol goes offline in miranda. Does re-initiating a session give away any more information to an attacker, than simply listening to encrypted messages passing by? I do think forgetting session keys and moving to a non-encypted state is more elegant, and is much better than a design where (occasional) error messages are inevitable. -------------- next part -------------- An HTML attachment was scrubbed... URL: From icebrkr at cyberdyne.org Wed May 2 12:50:52 2007 From: icebrkr at cyberdyne.org (iCE Breaker) Date: Wed, 2 May 2007 12:50:52 -0400 Subject: [OTR-dev] gaim-otr port to pidgin 2 beta 7 Message-ID: <247fb914ae87718cef7fb9ae8357e591@localhost> So I spent some time throwing this thing together to get it to work with the latest and greatest Pidgin. Just not sure what to do with it. Also, I've only been able to test on Ubuntu (edgy). Help? -- iCE Breaker http://www.cyberdyne.org/~icebrkr From evan.s at dreskin.net Fri May 4 23:25:05 2007 From: evan.s at dreskin.net (Evan Schoenberg) Date: Fri, 4 May 2007 23:25:05 -0400 Subject: [OTR-dev] gaim-otr port to pidgin 2 beta 7 In-Reply-To: <247fb914ae87718cef7fb9ae8357e591@localhost> References: <247fb914ae87718cef7fb9ae8357e591@localhost> Message-ID: <1B1B334C-DA04-4134-B3CF-CD1773C4BC43@dreskin.net> On May 2, 2007, at 12:50 PM, iCE Breaker wrote: > So I spent some time throwing this thing together to get it to work > with the latest and greatest Pidgin. Just not sure what to do with > it. Also, I've only been able to test on Ubuntu (edgy). Help? Post a diff of your changes to this list and it'll go from there :) Cheers, Evan -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part URL: From reza.jelveh at tuhh.de Sat May 5 13:48:11 2007 From: reza.jelveh at tuhh.de (Reza Jelveh) Date: Sat, 5 May 2007 19:48:11 +0200 Subject: [OTR-dev] [PATCH] pidgin Message-ID: hi, i saw there's already a topic on this but didn't see a patch so here it is. works here at least... -------------- next part -------------- A non-text attachment was scrubbed... Name: pidgin.diff.gz Type: application/x-gzip Size: 12963 bytes Desc: not available URL: From donny.viszneki at gmail.com Sat May 12 02:49:50 2007 From: donny.viszneki at gmail.com (Donny Viszneki) Date: Sat, 12 May 2007 02:49:50 -0400 Subject: [OTR-dev] Verifies that Alice's gy is a legal value... Message-ID: <44acbb800705112349h183d2038k6e09e0c2effd5e03@mail.gmail.com> I've been working on writing my own complete implementation of OTR version 2 including implementing all of the functionality it depends on from libgcrypt. I'm not retarded, but my background isn't in cryptography or math. So I have a pretty simple question that probably anyone on the list could tell me. In the OTR protocol version 2 description, a "modulus-2" function is referenced twice: Verifies that Alice's gy is a legal value (2 <= gy <= modulus-2) Verifies that Bob's gx is a legal value (2 <= gx <= modulus-2) What is this function? I can't seem to find any information on it. Every time I need a break from other OTR-related work, I decided to look around for it some more. Now I've finally decided to just ask the list. So what's the answer?! From ian at cypherpunks.ca Sat May 12 11:13:08 2007 From: ian at cypherpunks.ca (Ian Goldberg) Date: Sat, 12 May 2007 11:13:08 -0400 Subject: [OTR-dev] Verifies that Alice's gy is a legal value... In-Reply-To: <44acbb800705112349h183d2038k6e09e0c2effd5e03@mail.gmail.com> References: <44acbb800705112349h183d2038k6e09e0c2effd5e03@mail.gmail.com> Message-ID: <20070512151308.GM6184@yoink.cs.uwaterloo.ca> On Sat, May 12, 2007 at 02:49:50AM -0400, Donny Viszneki wrote: > I've been working on writing my own complete implementation of OTR > version 2 including implementing all of the functionality it depends > on from libgcrypt. Wow; that's cool (if a little dangerous, if your background isn't in crypto or math). What language are you writing in? > I'm not retarded, but my background isn't in cryptography or math. So > I have a pretty simple question that probably anyone on the list could > tell me. > > In the OTR protocol version 2 description, a "modulus-2" function is > referenced twice: > > Verifies that Alice's gy is a legal value (2 <= gy <= modulus-2) > Verifies that Bob's gx is a legal value (2 <= gx <= modulus-2) > > What is this function? I can't seem to find any information on it. > Every time I need a break from other OTR-related work, I decided to > look around for it some more. Now I've finally decided to just ask the > list. So what's the answer?! "modulus" is the modulus being used for the Diffie-Hellman calculation (the 1536-bit value listed under "Encoded Messages" in the spec). "modulus-2" is the modulus, minus 2. The reason to check that gx and gy are in that range is because all of those values have large order ((p-1)/2 or (p-1)). Values outside that range (like 1 and modulus-1) can have small order (1 or 2, respectively). Small order is Bad for Diffie-Hellman. Hope that helps, - Ian From donny.viszneki at gmail.com Sat May 12 13:10:49 2007 From: donny.viszneki at gmail.com (Donny Viszneki) Date: Sat, 12 May 2007 13:10:49 -0400 Subject: [OTR-dev] Verifies that Alice's gy is a legal value... In-Reply-To: <20070512151308.GM6184@yoink.cs.uwaterloo.ca> References: <44acbb800705112349h183d2038k6e09e0c2effd5e03@mail.gmail.com> <20070512151308.GM6184@yoink.cs.uwaterloo.ca> Message-ID: <44acbb800705121010k2bbfdaepc8cbc6254b086911@mail.gmail.com> On 5/12/07, Ian Goldberg wrote: > On Sat, May 12, 2007 at 02:49:50AM -0400, Donny Viszneki wrote: > > I've been working on writing my own complete implementation of OTR > > version 2 including implementing all of the functionality it depends > > on from libgcrypt. > > Wow; that's cool (if a little dangerous, if your background isn't in > crypto or math). What language are you writing in? That information is top-secret. > > I'm not retarded, but my background isn't in cryptography or math. So > > I have a pretty simple question that probably anyone on the list could > > tell me. > > > > In the OTR protocol version 2 description, a "modulus-2" function is > > referenced twice: > > > > Verifies that Alice's gy is a legal value (2 <= gy <= modulus-2) > > Verifies that Bob's gx is a legal value (2 <= gx <= modulus-2) > > > > What is this function? I can't seem to find any information on it. > > Every time I need a break from other OTR-related work, I decided to > > look around for it some more. Now I've finally decided to just ask the > > list. So what's the answer?! > > "modulus" is the modulus being used for the Diffie-Hellman calculation > (the 1536-bit value listed under "Encoded Messages" in the spec). > "modulus-2" is the modulus, minus 2. The reason to check that gx and gy > are in that range is because all of those values have large order > ((p-1)/2 or (p-1)). Values outside that range (like 1 and modulus-1) > can have small order (1 or 2, respectively). Small order is Bad for > Diffie-Hellman. That's hilarious. I had three people tell me this was NOT what was meant by "Modulus-2." How disappointing. Thanks so much for your help Ian. > Hope that helps, > > - Ian > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > From rabbi at abditum.com Sat May 12 13:58:31 2007 From: rabbi at abditum.com (Len Sassaman) Date: Sat, 12 May 2007 10:58:31 -0700 (PDT) Subject: [OTR-dev] Verifies that Alice's gy is a legal value... In-Reply-To: <44acbb800705121010k2bbfdaepc8cbc6254b086911@mail.gmail.com> References: <44acbb800705112349h183d2038k6e09e0c2effd5e03@mail.gmail.com> <20070512151308.GM6184@yoink.cs.uwaterloo.ca> <44acbb800705121010k2bbfdaepc8cbc6254b086911@mail.gmail.com> Message-ID: On Sat, 12 May 2007, Donny Viszneki wrote: > That's hilarious. I had three people tell me this was NOT what was > meant by "Modulus-2." How disappointing. Thanks so much for your help > Ian. That's probably worth throwing into a comment in the code somewhere appropriate, since even though I know better, "modulus-2" reads as "modulus dash two" to me, which could mean any number of things. Is anyone keeping a collection of questions that independent implemetors are asking? I'd be particularly interested in what Evan had to ask about -- these questions might be a good basis for an implementor FAQ or areas of clarification in the spec / library docs / code. --Len. From alex323 at gmail.com Fri May 18 18:14:13 2007 From: alex323 at gmail.com (Alex) Date: Fri, 18 May 2007 18:14:13 -0400 Subject: [OTR-dev] Configure script problem Message-ID: <20070518181413.22293070@darwin> Hello. The configure script for gaim-otr (pidgin-otr?) located at http://www.cypherpunks.ca/otr/gaim-otr-3.0.0.tar.gz uses pkg-config to check to make sure gaim is installed. When using pidgin, this does not work (as the package name is "pidgin" and not "gaim"). Attached are my changes to the file (only changed the pkg-config related stuff, not the package name, gaim-otr). -- Alex -------------- next part -------------- A non-text attachment was scrubbed... Name: configure.diff Type: text/x-patch Size: 2437 bytes Desc: not available URL: From alex323 at gmail.com Fri May 18 21:57:58 2007 From: alex323 at gmail.com (Alex) Date: Fri, 18 May 2007 21:57:58 -0400 Subject: [OTR-dev] Re: Configure script problem In-Reply-To: <20070518181413.22293070@darwin> References: <20070518181413.22293070@darwin> Message-ID: <20070518215758.2919cb5b@darwin> On Fri, 18 May 2007 18:14:13 -0400 Alex wrote: > Hello. The configure script for gaim-otr (pidgin-otr?) located at > http://www.cypherpunks.ca/otr/gaim-otr-3.0.0.tar.gz uses pkg-config to > check to make sure gaim is installed. When using pidgin, this does not > work (as the package name is "pidgin" and not "gaim"). Attached are my > changes to the file (only changed the pkg-config related stuff, not > the package name, gaim-otr). > *sigh* CVS worked, but the link on the home page is misleading. It is labeled as Pidgin but is for gaim. -- Alex From paul at cypherpunks.ca Tue May 22 10:13:07 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Tue, 22 May 2007 10:13:07 -0400 (EDT) Subject: [OTR-dev] Re: Configure script problem In-Reply-To: <20070518215758.2919cb5b@darwin> References: <20070518181413.22293070@darwin> <20070518215758.2919cb5b@darwin> Message-ID: On Fri, 18 May 2007, Alex wrote: > *sigh* CVS worked, but the link on the home page is misleading. Yes. The gaim->pidgin changes should really have warranted a new release. I completely agree. Paul From mimosius at gmx.de Wed May 23 14:20:30 2007 From: mimosius at gmx.de (Glen Masgai) Date: Wed, 23 May 2007 20:20:30 +0200 Subject: [OTR-dev] pidgin-otr alias patch Message-ID: <465485EE.3060308@gmx.de> Hi, I've made a patch which enables the usage of alias names instead of registration id's (ICQ uin e.g.), so key management should be much simpler and the messages in the conversation window more user friendly. The patch was made against the CVS version. Would someone of the developers review this patch and add it to the CVS? Regards, Glen Masgai -------------- next part -------------- A non-text attachment was scrubbed... Name: pidgin-otr-add-alias.diff Type: text/x-patch Size: 10352 bytes Desc: not available URL: From timg10 at gmx.net Fri May 25 05:57:38 2007 From: timg10 at gmx.net (Tim) Date: Fri, 25 May 2007 11:57:38 +0200 Subject: [OTR-dev] session termination Message-ID: <4656B312.4060604@gmx.net> Hello, I want to bring up the session termination bug one more time (see Scott Ellis' mails for details). Shouldn't it be quite easy to write a patch for the Gaim/Pidgin plugin in order to make it stop an OTR session as soon as one user goes offline? I recently read a bit of the plugin's source code, but since I haven't read Gaim's source code yet, I would need quite some time to do it myself. So I'm asking if anyone of you is willing to write a patch. You would have it done within a few minutes, I guess. It could remain inofficial, but it would make OTR usable for me and my friends. Right now we have disabled our OTR plugins because that bug is so annoying... Tim From paul at cypherpunks.ca Fri May 25 11:48:22 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Fri, 25 May 2007 11:48:22 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <4656B312.4060604@gmx.net> References: <4656B312.4060604@gmx.net> Message-ID: On Fri, 25 May 2007, Tim wrote: > I want to bring up the session termination bug one more time (see Scott > Ellis' mails for details). > Shouldn't it be quite easy to write a patch for the Gaim/Pidgin plugin > in order to make it stop an OTR session as soon as one user goes offline? > I recently read a bit of the plugin's source code, but since I haven't > read Gaim's source code yet, I would need quite some time to do it myself. > So I'm asking if anyone of you is willing to write a patch. You would > have it done within a few minutes, I guess. It could remain inofficial, > but it would make OTR usable for me and my friends. > Right now we have disabled our OTR plugins because that bug is so > annoying... With people hopping on and off the net on different IP's, I wouldn't want to restart an OTR session everytime that happens. Net connectivity isnt so much what should "end" your OTR session. It's the user deciding they won't talk to you long enough to justify closing the secure channel. I'm not sure what the exact bug is you are experiencing. If it is th "talking while user is gone" bug, then I agree I would like to see a better message then just a quote or the garbliegoo we send. According to Ian, that currently doesn't go through gaim-otr, so we can't really filter it from gaim-otr. Paul From timg10 at gmx.net Fri May 25 12:52:09 2007 From: timg10 at gmx.net (Tim) Date: Fri, 25 May 2007 18:52:09 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> Message-ID: <46571439.6050309@gmx.net> The bug I mean is the Miranda - Gaim session termination bug. It occurs when the Miranda user exits the Miranda program, i.e.goes offline. The Miranda OTR plugin doesn't send a session termination message as the Gaim plugin does. According to Scott Ellis (the programmer of the Miranda plugin) it's not possible to send such a message because of Miranda's infrastructure. So the Gaim OTR plugin doesn't know the Miranda user is offline and continues sending encrypted messages (which are then stored on the ICQ or Jabber server until the Miranda user goes back online). If I understood correctly, this is the desired behaviour. This is fine as long as the user went offline because he lost his internet connection, but keeps his IM program running, so he still has his session keys in memory. But if he exits the program the keys will be gone and he can't decrypt the messages which are stored on the ICQ servers any more. I assume the same thing will happen if both communication partners use Gaim. If communication partner now looses his internet connection and then exits Gaim, he will lose the session keys as well and thus his offline messages. In my opinion a message transport protocol should above all be reliable. The bug I described makes instant messaging with OTR unreliable, because one can't be certain all the messages sent can be read. That's why I wanted a change in the Gaim plugin's behaviour. (And in the proxy as well, I just noticed that it acts identically). Don't think this bug occurs rarely: It happened to me almost every day. I don't know how it is in other countries, but here in Germany most internet providers let their customers keep their IP address for 24 hours, so unintended "IP hops" are quite seldom. At least I don't tend to chat for more than 24 hours ;). - Tim Paul Wouters schrieb: > On Fri, 25 May 2007, Tim wrote: > > >> I want to bring up the session termination bug one more time (see Scott >> Ellis' mails for details). >> Shouldn't it be quite easy to write a patch for the Gaim/Pidgin plugin >> in order to make it stop an OTR session as soon as one user goes offline? >> I recently read a bit of the plugin's source code, but since I haven't >> read Gaim's source code yet, I would need quite some time to do it myself. >> So I'm asking if anyone of you is willing to write a patch. You would >> have it done within a few minutes, I guess. It could remain inofficial, >> but it would make OTR usable for me and my friends. >> Right now we have disabled our OTR plugins because that bug is so >> annoying... >> > > With people hopping on and off the net on different IP's, I wouldn't > want to restart an OTR session everytime that happens. > > Net connectivity isnt so much what should "end" your OTR session. It's > the user deciding they won't talk to you long enough to justify closing > the secure channel. > > I'm not sure what the exact bug is you are experiencing. If it is th > "talking while user is gone" bug, then I agree I would like to see > a better message then just a quote or the garbliegoo we send. According > to Ian, that currently doesn't go through gaim-otr, so we can't really > filter it from gaim-otr. > > Paul > > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > > From paul at cypherpunks.ca Fri May 25 18:09:34 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Fri, 25 May 2007 18:09:34 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <46571439.6050309@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> Message-ID: On Fri, 25 May 2007, Tim wrote: > I assume the same thing will happen if both communication partners use > Gaim. If communication partner now looses his internet connection and > then exits Gaim, he will lose the session keys as well and thus his > offline messages. > > In my opinion a message transport protocol should above all be reliable. > The bug I described makes instant messaging with OTR unreliable, because > one can't be certain all the messages sent can be read. It is still reliable, in that when the user comes online, OTR kickstarts and (assuming the queue didnt fill up) will detect unreadable messages, and will perform a resend. I know this works fine for me. If you send me a message when offline, when I come online, gaim-otr detects an unreadable message re-initiates otr. The gaim on the other end will then resend the message. So, I think you are being bitten by a Miranda specific bug. Feel free to install Gaim for windows and proof me wrong (at letoams at jabber.xs4all.nl) Paul From timg10 at gmx.net Fri May 25 21:16:31 2007 From: timg10 at gmx.net (Tim) Date: Sat, 26 May 2007 03:16:31 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> Message-ID: <46578A6F.1010708@gmx.net> Hi Paul, ok, I installed Pidgin and OTR for Windows and added you - let's see if it works. What will happen when you send me messages I can't decrypt and then you go offline? - no chance for a resent then. Tim Paul Wouters schrieb: > On Fri, 25 May 2007, Tim wrote: > > >> I assume the same thing will happen if both communication partners use >> Gaim. If communication partner now looses his internet connection and >> then exits Gaim, he will lose the session keys as well and thus his >> offline messages. >> >> In my opinion a message transport protocol should above all be reliable. >> The bug I described makes instant messaging with OTR unreliable, because >> one can't be certain all the messages sent can be read. >> > > It is still reliable, in that when the user comes online, OTR kickstarts > and (assuming the queue didnt fill up) will detect unreadable messages, > and will perform a resend. I know this works fine for me. If you send me > a message when offline, when I come online, gaim-otr detects an unreadable > message re-initiates otr. The gaim on the other end will then resend the > message. > > So, I think you are being bitten by a Miranda specific bug. Feel free to > install Gaim for windows and proof me wrong (at letoams at jabber.xs4all.nl) > > Paul > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > > From paul at cypherpunks.ca Sat May 26 17:07:36 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Sat, 26 May 2007 17:07:36 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <46578A6F.1010708@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> Message-ID: On Sat, 26 May 2007, Tim wrote: > ok, I installed Pidgin and OTR for Windows and added you - let's see if > it works. I'm at home later for testing. > What will happen when you send me messages I can't decrypt and then you > go offline? - no chance for a resent then. That's a pretty uncommon race condition, since the OTR resend actually happens instantly. The only case in which this is a problem is when both users keep sending a single message to the other user who is offline. In any other case, the new OTR request plus the resend works fine. I am not sure how you propose to "patch" this, without storing plaintext messages on other servers, which is just not acceptable from a security point of view. Any "fallback to plaintext" can be abused by an attacker to disable OTR. Paul From timg10 at gmx.net Tue May 29 07:00:56 2007 From: timg10 at gmx.net (Tim) Date: Tue, 29 May 2007 13:00:56 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> Message-ID: <465C07E8.90608@gmx.net> Paul Wouters schrieb: > That's a pretty uncommon race condition, since the OTR resend actually happens > instantly. The only case in which this is a problem is when both users keep > sending a single message to the other user who is offline. In any other case, > the new OTR request plus the resend works fine. > > I am not sure how you propose to "patch" this, without storing plaintext > messages on other servers, which is just not acceptable from a security > point of view. Any "fallback to plaintext" can be abused by an attacker > to disable OTR. > > Paul > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > Do I understand this correctly? If I go offline, your Gaim OTR will wait with the resend, until I go back online? What will happen to the message when I remain offline for, say, a week? This might well happen when my internet connection fails.You certainly will go offline in between. If you stay online: What will happen if I change the client? For example if I'm chatting at my home PC, which has OTR installed, and then my connection gets interrupted. Later I go back online with another client on another PC (for example with ICQ2go at work), which doesn't have OTR capabilities. Then your Gaim will send me the message encrypted and I can't read it. About the "fallback to plaintext" security problem: You get a message when the session stopped and further messages will be sent in plaintext, don't you? So you know that you shouldn't send any sensitive information anymore. Tim From paul at cypherpunks.ca Tue May 29 09:08:16 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Tue, 29 May 2007 09:08:16 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <465C07E8.90608@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> Message-ID: On Tue, 29 May 2007, Tim wrote: > Do I understand this correctly? If I go offline, your Gaim OTR will wait > with the resend, until I go back online? the message will be "sent" according to gaim, but stored on he IM server. once you come back and obtain the unreadable message, gaim will renegotiate and resend. > What will happen to the message > when I remain offline for, say, a week? This might well happen when my > internet connection fails.You certainly will go offline in between. I believe as long as gaim is running, and the otr sessions has not been closed , it can resend the last message (or last few). > If you stay online: What will happen if I change the client? For example > if I'm chatting at my home PC, which has OTR installed, and then my > connection gets interrupted. Later I go back online with another client > on another PC (for example with ICQ2go at work), which doesn't have OTR > capabilities. Then your Gaim will send me the message encrypted and I > can't read it. There will always be ways to shoot yourself in the foot. There are many more scenarios I can come up where you might lose a message. However in practise, this never happens to me. I don't use "web clients" (which per definition, need to obtain your plaintext message, so you can never use OTR with then), and I don't use IM clients that do not support OTR. > About the "fallback to plaintext" security problem: You get a message > when the session stopped and further messages will be sent in plaintext, > don't you? So you know that you shouldn't send any sensitive information > anymore. Now picture I am Alice, and I'm blocking all your encrypted IM's, but not your plaintext ones. How religious are you with "not sending sensitive information"? OTR already supports not leaking plaintext messages in its current mechanisms. I am not sure what kind of "patch" you were suggesting to make to otr. You tell me? Paul From mail at scottellis.com.au Tue May 29 09:13:55 2007 From: mail at scottellis.com.au (Scott Ellis) Date: Tue, 29 May 2007 23:13:55 +1000 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> Message-ID: <96e269140705290613i2c6f433ak793bb6662354c2f@mail.gmail.com> yeah i think gaim can go offline/online fine, and the resend works for that....but i don't think that happens if you actually exit gaim - that causes loss of session keys and makes the sent message unreadable because i can't find a reliable way of sending a message before a protocol goes offline (and btw i don't think that's 100% doable even for gaim - e.g. OS shutdown) - and i don't really want to anyway as i explained previously - i have used a 'broader interpretation' of the spec to include a user going offline as an indication that the session is over and therefore a reason to move into the 'finished' state. the only real problem with this as i think Ian mentioned is that an attacker who can mess with your online status can stop the session - which i think is a small price to pay to avoid usability issues which are significant to some people using two gaim instances is no guarantee it's a miranda bug - two miranda instances work fine together too. it's a matter of interpretation of the specification...there are a number of problems i outlined in previous mails with gaim's interpretation, and imo less problems with miranda's On 5/26/07, Paul Wouters wrote: > > On Fri, 25 May 2007, Tim wrote: > > > I assume the same thing will happen if both communication partners use > > Gaim. If communication partner now looses his internet connection and > > then exits Gaim, he will lose the session keys as well and thus his > > offline messages. > > > > In my opinion a message transport protocol should above all be reliable. > > The bug I described makes instant messaging with OTR unreliable, because > > one can't be certain all the messages sent can be read. > > It is still reliable, in that when the user comes online, OTR kickstarts > and (assuming the queue didnt fill up) will detect unreadable messages, > and will perform a resend. I know this works fine for me. If you send me > a message when offline, when I come online, gaim-otr detects an unreadable > message re-initiates otr. The gaim on the other end will then resend the > message. > > So, I think you are being bitten by a Miranda specific bug. Feel free to > install Gaim for windows and proof me wrong (at letoams at jabber.xs4all.nl) > > Paul > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > -------------- next part -------------- An HTML attachment was scrubbed... URL: From timg10 at gmx.net Tue May 29 09:49:06 2007 From: timg10 at gmx.net (Tim) Date: Tue, 29 May 2007 15:49:06 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> Message-ID: <465C2F52.7070300@gmx.net> > > I am not sure what kind of "patch" you were suggesting to make to otr. You tell > me? > The patch I suggest is to make the Gaim plugin behave like Scott's Miranda plugin: Scenario: - Alice is chatting with Bob, OTR encrypted. - Bob goes offline, but doesn't send the "OTR session termination"-message. (He's using Miranda or his Gaim plugin didn't manage to send the message for one of the reasons mentioned before). Old behaviour: - Alice continues sending encrypted messages, which Bob can't read afterwards. (She doesn't notice that!) New behaviour: - Alice's Gaim plugin terminates the OTR session on its own, though it didn't receive the termination-message from Bob. (It notifies Alice that the encrypted session has ended, so she doesn't send any sensitive information any more.) If you really don't like this new behaviour, I suggest at least: New behaviour B: - Alice's OTR plugin displays her a warning: "Your communication partner went offline and will likely be unable to read any further OTR-encrypted messages. To terminate the OTR session right-click the OTR button and select "end session"". Tim From paul at cypherpunks.ca Tue May 29 11:03:42 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Tue, 29 May 2007 11:03:42 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <96e269140705290613i2c6f433ak793bb6662354c2f@mail.gmail.com> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <96e269140705290613i2c6f433ak793bb6662354c2f@mail.gmail.com> Message-ID: On Tue, 29 May 2007, Scott Ellis wrote: > using two gaim instances is no guarantee it's a miranda bug - two miranda > instances work fine together too. it's a matter of interpretation of the > specification...there are a number of problems i outlined in previous mails > with gaim's interpretation, and imo less problems with miranda's Ok, here is the log of gaim talking to mirande and one user going offline: (10:51:23 AM) letoams at xs: ok, let's try it (10:51:31 AM) eisbaer at jabber.ccc.de: ok, I'll exit Miranda (10:51:42 AM) eisbaer at jabber.ccc.de: send me a few messages then [ user goes offline ] (10:51:51 AM) letoams at xs: oki (10:51:56 AM) letoams at xs: message 2 (10:51:58 AM) letoams at xs: message 3 (10:52:01 AM) letoams at xs: message 4 [ user comes online ] (10:53:23 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [ok] (10:53:32 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [I received the follwing:] (10:53:46 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [16:53:11 Paul Wouters: [OTR Message] The encrypted message received from Paul Wouters is unreadable, as you are not currently communicating privately. 16:53:11 Paul Wouters: [OTR Message] The encrypted message received from Paul Wouters is unreadable, as you are not currently communicating privately. 16:53:11 Paul Wouters: [OTR Message] The encrypted message received from Paul Wouters is unreadable, as you are not currently communicating privately. 16:53:11 Paul Wouters: [OTR Message] The encrypted message received from Paul Wouters is unreadable, as you are not currently communicating privately. ] (10:53:51 AM) letoams at xs: correct (10:53:53 AM) OTR Error: You sent encrypted data to OTR, who wasn't expecting it. (10:54:00 AM) Attempting to refresh the private conversation with eisbaer at jabber.ccc.de/Miranda... (10:54:01 AM) Successfully refreshed the unverified conversation with eisbaer at jabber.ccc.de/Miranda. (10:54:01 AM) The last message to eisbaer at jabber.ccc.de was resent. (10:54:03 AM) OTR Error: You sent encrypted data to OTR, who wasn't expecting it. [ This is the part I don't understand : we refreshed, so why isnt Mirande understanding this message? ] (10:54:08 AM) Successfully refreshed the unverified conversation with eisbaer at jabber.ccc.de/Miranda. (10:54:08 AM) The last message to eisbaer at jabber.ccc.de was resent. (10:54:10 AM) OTR Error: You sent encrypted data to OTR, who wasn't expecting it. (10:54:33 AM) The last message to eisbaer at jabber.ccc.de was resent. (10:54:37 AM) Private conversation with eisbaer at jabber.ccc.de/Miranda lost. [ Here I "end private communication" ] (10:54:39 AM) Attempting to start a private conversation with eisbaer at jabber.ccc.de/Miranda... (10:54:48 AM) letoams at xs: ok that's a miranda bug AFAIK (10:54:49 AM) Unverified conversation with eisbaer at jabber.ccc.de/Miranda started. (10:54:51 AM) Successfully refreshed the unverified conversation with eisbaer at jabber.ccc.de/Miranda. (10:54:56 AM) eisbaer at jabber.ccc.de: I even got some more error messages after going back online (10:55:11 AM) letoams at xs: with gaim-otr this works fine [ and only now does it work privately again ] The same user with gaim to my gaim: (10:58:44 AM) letoams at xs: ok let's do it with gaim too (10:59:21 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [so] (10:59:35 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [btw: I was too lazy to copy the keys from Miranda] (10:59:41 AM) letoams at xs: testing 1 2 3 (10:59:41 AM) OTR Error: You sent encrypted data to Eisbaer at jabber.ccc.de/Gaim, who wasn't expecting it. (10:59:52 AM) Unverified conversation with eisbaer at jabber.ccc.de/Gaim started. (10:59:52 AM) The last message to eisbaer at jabber.ccc.de was resent. (10:59:52 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [so I'll have a new Key ID] (11:00:00 AM) letoams at xs: testing 4 5 6 (11:00:08 AM) eisbaer at jabber.ccc.de: now it's ok With a longer offline period, we got: (11:02:08 AM) eisbaer at jabber.ccc.de: I'll exit Pidgin, you go on sending me messages, ok? (11:02:28 AM) eisbaer at jabber.ccc.de: send 10 messages or so, just to be sure ;) (11:02:33 AM) letoams at xs: ok (11:02:40 AM) letoams at xs: I'll keep typing :) (11:02:46 AM) letoams at xs: and more (11:02:50 AM) letoams at xs: and more (11:02:55 AM) letoams at xs: I do notice now you are offline btw (11:04:16 AM) OTR Error: You sent encrypted data to Eisbaer at jabber.ccc.de/Gaim, who wasn't expecting it. (11:04:16 AM) OTR Error: You sent encrypted data to Eisbaer at jabber.ccc.de/Gaim, who wasn't expecting it. (11:04:16 AM) OTR Error: You sent encrypted data to Eisbaer at jabber.ccc.de/Gaim, who wasn't expecting it. (11:04:20 AM) OTR Error: You sent encrypted data to Eisbaer at jabber.ccc.de/Gaim, who wasn't expecting it. (11:04:38 AM) Successfully refreshed the unverified conversation with eisbaer at jabber.ccc.de/Gaim. (11:04:50 AM) The following message received from eisbaer at jabber.ccc.de was not encrypted: [hmm, these messages are unreadable as well] (11:04:53 AM) letoams at xs: hmm no resends now? (11:04:59 AM) eisbaer at jabber.ccc.de: not yet (11:05:16 AM) letoams at xs: is this miranda? (11:05:19 AM) eisbaer at jabber.ccc.de: (17:01:41) Paul Wouters: The encrypted message received from letoams at jabber.xs4all.nl is unreadable, as you are not currently communicating privately. (17:04:06) The encrypted message received from letoams at jabber.xs4all.nl is unreadable, as you are not currently communicating privately. (17:04:06) The encrypted message received from letoams at jabber.xs4all.nl is unreadable, as you are not currently communicating privately. (17:04:07) The encrypted message received from letoams at jabber.xs4all.nl is unreadable, as you are not currently communicating privately. (17:04:34) Tim: hmm, these messages are unreadable as well (11:05:28 AM) eisbaer at jabber.ccc.de: no, it's Pidgin 2.0 (11:05:36 AM) eisbaer at jabber.ccc.de: (formerly known as Gaim ;) ) (11:06:02 AM) eisbaer at jabber.ccc.de: I didn't close the message window (11:06:15 AM) letoams at xs: hmm (11:06:23 AM) letoams at xs: I guess needs needs more test cases :) Here we don't see any "resends". I am not sure why. Paul From paul at cypherpunks.ca Tue May 29 11:09:22 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Tue, 29 May 2007 11:09:22 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <465C2F52.7070300@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> Message-ID: On Tue, 29 May 2007, Tim wrote: > New behaviour: > - Alice's Gaim plugin terminates the OTR session on its own, though it > didn't receive the termination-message from Bob. (It notifies Alice that > the encrypted session has ended, so she doesn't send any sensitive > information any more.) Going offline and online doesnt mean you cannot read those messages anymore. Only when you change your client when logging in from home to work or restart your IM client, will that happen. Two clients in OTR should be able to send and receive messages despite going online and offline. > If you really don't like this new behaviour, I suggest at least: > New behaviour B: > - Alice's OTR plugin displays her a warning: "Your communication partner > went offline and will likely be unable to read any further OTR-encrypted > messages. To terminate the OTR session right-click the OTR button and > select "end session"". But that is simply not true. Most network outages that don't involve any of the two partners to change/restart their IM client will keep working fine. Paul From timg10 at gmx.net Tue May 29 12:29:19 2007 From: timg10 at gmx.net (Tim) Date: Tue, 29 May 2007 18:29:19 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> Message-ID: <465C54DF.3080901@gmx.net> Paul Wouters schrieb: > On Tue, 29 May 2007, Tim wrote: > > >> New behaviour: >> - Alice's Gaim plugin terminates the OTR session on its own, though it >> didn't receive the termination-message from Bob. (It notifies Alice that >> the encrypted session has ended, so she doesn't send any sensitive >> information any more.) >> > > Going offline and online doesnt mean you cannot read those messages anymore. > Only when you change your client when logging in from home to work or > restart your IM client, will that happen. Two clients in OTR should be > able to send and receive messages despite going online and offline. > > >> If you really don't like this new behaviour, I suggest at least: >> New behaviour B: >> - Alice's OTR plugin displays her a warning: "Your communication partner >> went offline and will likely be unable to read any further OTR-encrypted >> messages. To terminate the OTR session right-click the OTR button and >> select "end session"". >> > > But that is simply not true. Most network outages that don't involve any of > the two partners to change/restart their IM client will keep working fine. > > Paul > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > > Exiting the client is what I mean with "going offline". I'm certain, that most people exit their client instead of going offline and letting the client running. Why should they? So most people will lose their session key when they "go offline". From mail at scottellis.com.au Tue May 29 20:16:59 2007 From: mail at scottellis.com.au (Scott Ellis) Date: Wed, 30 May 2007 10:16:59 +1000 Subject: [OTR-dev] session termination In-Reply-To: <465C54DF.3080901@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> Message-ID: <96e269140705291716w4d517b95vd015455d8a585323@mail.gmail.com> i think the part you don't understand may be just timing - see below >> If you really don't like this new behaviour, I suggest at least: >> New behaviour B: >> - Alice's OTR plugin displays her a warning: "Your communication partner >> went offline and will likely be unable to read any further OTR-encrypted >> messages. To terminate the OTR session right-click the OTR button and >> select "end session"". >> > > But that is simply not true. Most network outages that don't involve any of > the two partners to change/restart their IM client will keep working fine. i don't' think the problems users are having are caused by network outages. much more often they are caused by sending offline messages to people who really have exited their IM client - it seems to be the 'long time offline' issue you discovered above from libotr: /* How old are messages allowed to be in order to be candidates for * resending in response to a rekey? */ #define RESEND_INTERVAL 60 assuming that's seconds, the resend method is pretty useless in overcoming the majority of cases where users go offline - e.g. twice a day i'm offline when moving my laptop from work to home and visa versa what about adding an option in gaim to terminate sessions when contacts go offline? -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul at cypherpunks.ca Wed May 30 01:20:44 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Wed, 30 May 2007 01:20:44 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <465C54DF.3080901@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> Message-ID: On Tue, 29 May 2007, Tim wrote: > Exiting the client is what I mean with "going offline". I'm certain, > that most people exit their client instead of going offline and letting > the client running. Why should they? They just close the lid of their laptop. Why would they need to close the application? Or they leave their desktop all the time. Do people really turn on their computer 3 times a day? Paul From timg10 at gmx.net Wed May 30 05:14:44 2007 From: timg10 at gmx.net (Tim) Date: Wed, 30 May 2007 11:14:44 +0200 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> Message-ID: <465D4084.10409@gmx.net> Paul Wouters schrieb: > On Tue, 29 May 2007, Tim wrote: > > >> Exiting the client is what I mean with "going offline". I'm certain, >> that most people exit their client instead of going offline and letting >> the client running. Why should they? >> > > They just close the lid of their laptop. Why would they need to close > the application? > > Or they leave their desktop all the time. > > Do people really turn on their computer 3 times a day? > > Paul > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > > Yes they do. Even more often than 3 times a day. If I'm not using my PC, I always turn it off. Leaving it on all the time is a waste of energy and it makes annoying sounds. There is only one person I know who leaves his PC on all the time. You just gave another example of Gaim being unable to send a "session termination" -message: If you do close your laptop's lid, it sends your laptop to standby or hibernation mode. Gaim won't notice that early enough to terminate the session. And you usually won't reopen your laptop within 60 seconds or whatever Gaim's limit for resending messages is. Besides that: Even if I left my PC on all day, I wouldn't want to have my Instant Messager running all the time - too distracting. If I'm not using a program, I exit it. Why would I let it use up ressources for nothing? Do you leave your office program running when you just had to type a small letter in the morning and then don't need it any more? Tim From jelwell at singleclick.com Wed May 30 14:43:19 2007 From: jelwell at singleclick.com (Joseph Elwell) Date: Wed, 30 May 2007 11:43:19 -0700 Subject: [OTR-dev] session termination In-Reply-To: <465D4084.10409@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> <465D4084.10409@gmx.net> Message-ID: <48C81888-D241-46C0-BB9A-B495D90FF33F@singleclick.com> > > You just gave another example of Gaim being unable to send a "session > termination" -message: If you do close your laptop's lid, it sends > your > laptop to standby or hibernation mode. Gaim won't notice that early > enough to terminate the session. And you usually won't reopen your > laptop within 60 seconds or whatever Gaim's limit for resending > messages is. > > Tim > I close my laptop 2 to 3 times a day. Once in the morning when I leave for work. Once in the afternoon when I leave for home. And, sometimes, a third time when head to a friend's house or close it for the night. However, I use OTR Proxy on Mac OS X (so no gaim). Most of the time I reopen my laptop and I need to restart OTR Proxy (although this doesn't always work either). Often times 5 or 6 restarts won't get OTR Proxy to work. It's as if the Mac has the port stuck and won't let OTR Proxy have access to the port. Joseph Elwell. From paul at cypherpunks.ca Wed May 30 19:11:45 2007 From: paul at cypherpunks.ca (Paul Wouters) Date: Wed, 30 May 2007 19:11:45 -0400 (EDT) Subject: [OTR-dev] session termination In-Reply-To: <465D4084.10409@gmx.net> References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> <465D4084.10409@gmx.net> Message-ID: On Wed, 30 May 2007, Tim wrote: > You just gave another example of Gaim being unable to send a "session > termination" -message: If you do close your laptop's lid, it sends your > laptop to standby or hibernation mode. Gaim won't notice that early > enough to terminate the session. And you usually won't reopen your > laptop within 60 seconds or whatever Gaim's limit for resending messages is. Actually, the OS should signal the application just before going to hibernation. I am not sure if Linux does this properly, but I think Adium on OSX properly handles this. (Note it takes a few seconds after you closed the lid on OSX before the LED goes flashing - that's your machine doing stuff related to preparing to hibernate). > Besides that: Even if I left my PC on all day, I wouldn't want to have > my Instant Messager running all the time - too distracting. If I'm not > using a program, I exit it. Why would I let it use up ressources for > nothing? Do you leave your office program running when you just had to > type a small letter in the morning and then don't need it any more? Yes I do :) Paul -- Building and integrating Virtual Private Networks with Openswan: http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155 From evan.s at dreskin.net Wed May 30 20:18:15 2007 From: evan.s at dreskin.net (Evan Schoenberg) Date: Wed, 30 May 2007 20:18:15 -0400 Subject: [OTR-dev] session termination In-Reply-To: References: <4656B312.4060604@gmx.net> <46571439.6050309@gmx.net> <46578A6F.1010708@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> <465D4084.10409@gmx.net> Message-ID: <748932C0-3A1B-4A61-ADD4-F69A090885F0@dreskin.net> On May 30, 2007, at 7:11 PM, Paul Wouters wrote: > Actually, the OS should signal the application just before going to > hibernation. I am not sure if Linux does this properly, but I think > Adium on OSX properly handles this The Adium bit is partially true. Adium receives a "will sleep" notification, responds with "wait until I say so", disconnects all accounts, then says "okay, proceed with sleep". When Adium was using gaim-otr, from Adium 0.80 through Adium 1.0, this led to proper behavior, as the signed-on and signed-off signals are used by gaim-otr as described. I nearly replied, "Yes, Adium does this properly," but a nagging feeling made me check the Adium 1.0 + code... and when I ported gaim-otr to being an Objective-C Adium component for 1.0, that bit didn't get carried over. I've put it on my to-do list for Adium... I'm glad that came up in discussion :) -Evan -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part URL: From marti at juffo.org Thu May 31 01:37:32 2007 From: marti at juffo.org (Marti Raudsepp) Date: Thu, 31 May 2007 08:37:32 +0300 Subject: [OTR-dev] session termination In-Reply-To: <48C81888-D241-46C0-BB9A-B495D90FF33F@singleclick.com> References: <4656B312.4060604@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> <465D4084.10409@gmx.net> <48C81888-D241-46C0-BB9A-B495D90FF33F@singleclick.com> Message-ID: <2a12af650705302237u2151fae8jfe148ae0721ac957@mail.gmail.com> On 5/30/07, Joseph Elwell wrote: > It's as if the Mac has the port stuck and won't > let OTR Proxy have access to the port. I haven't followed the rest of this discussion, but this problem seems similar to what happens on Linux -- connections will remain in TIME_WAIT state for some time after they have been disconnected, and this prevents programs from binding to any of the ports used by the connection. There's a cure for it -- SO_REUSEADDR. If you can be bothered, you might want to try if setting it before binding the socket. Marti From donny.viszneki at gmail.com Thu May 31 16:38:15 2007 From: donny.viszneki at gmail.com (Donny Viszneki) Date: Thu, 31 May 2007 16:38:15 -0400 Subject: [OTR-dev] session termination In-Reply-To: <2a12af650705302237u2151fae8jfe148ae0721ac957@mail.gmail.com> References: <4656B312.4060604@gmx.net> <465C07E8.90608@gmx.net> <465C2F52.7070300@gmx.net> <465C54DF.3080901@gmx.net> <465D4084.10409@gmx.net> <48C81888-D241-46C0-BB9A-B495D90FF33F@singleclick.com> <2a12af650705302237u2151fae8jfe148ae0721ac957@mail.gmail.com> Message-ID: <44acbb800705311338u23c36496la2a3a43f4de06909@mail.gmail.com> TWICE I thought I had sent this to the list, and twice I had only sent it to individual posters on the mailing list ("reply ot all" was the default reply behavior on my previous mail client.) > Currently the miranda plugin is using the alternative method and does not > send an OTR termination message when going offline (which is the source of > the bug). I wouldn't necessarily describe this as a "bug," nor would I describe the miranda plugin as the source of it. I would describe this as an acceptable, even preferable, design limitation of OTR. The real "source" of the problem is -- it seems to me -- latency and/or unavailability of the networking substrate underlying the channel over which both encrypted discussion, and negotiation of discussion sessions take place. In the case of OTR, this is usually an instant messaging service, but it's worth noting that in actuality it could be any medium over which arbitrary text can be exchanged between users. Consider this: What if a Miranda user is suddenly disconnected from their instant messaging service or the internet? What if your client or computer crashes? What happens to encrypted messages that are sent to you? Case 1: If the IM service doesn't wait for any sort of message receipt, those messages disappear into the ether (this is the case on AOL/AIM, and IRC.) Case 2: The IM service does expect a message receipt, and eventually returns an error to the sender of the message, telling them that their message didn't make it. Case 3: The IM service both waits for message receipt, AND queues its users' messages for them so that they can receive messages sent in their absence once they reconnect. (This is the case on many Jabber servers. GTalk once was case 1, now it too is case 3. And ICQ was once case 3, but I don't know what they do since AOL got them.) The common occurance of this "error" is caused by a Case 3 service, in this type of service there exists a unique potential for extreme latency on the networking substrate. It happens because you end up with an asymmetrical OTR state between two individuals; that is, one user believes there is still an OTR session, and the other user does not. I get these "Unreadable message" errors about a couple times a week using Jabber, and I accept it because I _understand_ three things: One, that on a Case 1 IM service the unreadable OTR messages will simply disappear into the ether. Two, that OTR is itself a sort of point-to-point IM service tunneled through another IM service. Three, that this message ought to have disappeared into the ether, because OTR is -- for good reason -- not a Case 3 service. So what seems like an error message is actually just extra information: on most Case 1 services you simply would never have known that a message was sent to you that never got there because you weren't connected at the time. But because OTR is privy to the fact that there WAS a message that was lost, it tells you so. And most people don't understand that it's not an error, it's just extra information. I believe that making OTR a case 2 service is not out of the question. Perhaps OTR should be able to report to the user whether or not their messages are actually being received. This simply means waiting for an ACK after each message is sent. Some questions that may be relevant that I don't know the answer to: Can OTR messages during an encrypted session be received out of order? Will the messages be readable? Will OTR notice that they are out of order? I think a case 3 situation for OTR would be very inadvisable. To have OTR cache outgoing private messages so that it can re-deliver them in a possible future session in case they accidentally lost the current one seems to me to be a dangerous idea, counterproductive to the goal of privacy. In short, yes it is nice when OTR reacts when I disconnect from my IM services by telling my friends to end their OTR sessions. But because of complications that have already been mentioned on this mailing list (you don't receive "buddy-online" notifications for everyone you might want to use OTR with,) it really only helps avoid a very small number of "unreadable message" "errors." Best Solution, IMHO: Include an explanatory hyperlink, a la: (05:03:16 PM) Unverified conversation with someuser started. On 5/31/07, Marti Raudsepp wrote: > On 5/30/07, Joseph Elwell wrote: > > It's as if the Mac has the port stuck and won't > > let OTR Proxy have access to the port. > > I haven't followed the rest of this discussion, but this problem seems > similar to what happens on Linux -- connections will remain in > TIME_WAIT state for some time after they have been disconnected, and > this prevents programs from binding to any of the ports used by the > connection. There's a cure for it -- SO_REUSEADDR. > > If you can be bothered, you might want to try if setting it before > binding the socket. > > Marti > _______________________________________________ > OTR-dev mailing list > OTR-dev at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-dev > From Rick.Ju at Sun.COM Thu May 31 22:15:36 2007 From: Rick.Ju at Sun.COM (Rick Ju) Date: Fri, 01 Jun 2007 10:15:36 +0800 Subject: [OTR-dev] A bug in Makefile.am pidgin-otr 3.0.1 Message-ID: <465F8148.5070909@sun.com> It is an easy one. And it only happens when people bother to run automake. patches/pidgin-otr-03-makefile.diff --- pidgin-otr/Makefile.am 2007-05-29 14:09:20.189688000 +0800 +++ pidgin-otr-my/Makefile.am 2007-05-29 14:09:06.814341000 +0800 @@ -6,9 +6,9 @@ plugin_LTLIBRARIES= pidgin-otr.la -gaim_otr_la_SOURCES= otr-plugin.c ui.c dialogs.c gtk-ui.c gtk-dialog.c -gaim_otr_la_LDFLAGS= -module -avoid-version -gaim_otr_la_LDFLAGS+= @LIBGCRYPT_LIBS@ @LIBOTR_LIBS@ +pidgin_otr_la_SOURCES= otr-plugin.c ui.c dialogs.c gtk-ui.c gtk-dialog.c +pidgin_otr_la_LDFLAGS= -module -avoid-version +pidgin_otr_la_LDFLAGS+= @LIBGCRYPT_LIBS@ @LIBOTR_LIBS@ EXTRA_DIST= dialogs.h gtk-dialog.h gtk-ui.h otr-plugin.h ui.h \ Makefile.mingw packaging