[OTR-dev] ConnContext.username in XMPP
Kjell Braden
fnord at pentabarf.de
Sun Jun 22 10:42:03 EDT 2008
Hi,
I'm writing this to both otr-dev and . Please CC both lists on replying.
I recently came across an issue about the addressing of conversation
contexts in the XMPP protocol.
IMO, the most sensible way to identify a user in a context is to use the
full jid (ie. with resource: "user at server.tld/resource"), because you
could have multiple conversations to one user, where one resource knows
OTR and another doesn't.
OTOH, we have a problem when the local user does not know the resources
of the remote user for any reason. This can be the case when they are
not subscribed to each other, or when the remote user is invisible. The
remote user could start an OTR session and the stanza would contain a
resource (from="user at server.tld/resource").
Now the local user receives the message and creates a context for
"user at server.tld/resource". But since the local user does not know about
any resources, the messages he sends have to be sent to
"user at server.tld".
The OTR lib now checks for the context with the remote user
"user at server.tld" and will find nothing, as it only knows the full JID.
So, it will not encrypt the sent message to the remote user, because it
does not find any conversation context. The remote user will see the
message as "not encrypted though we should be encrypted", because he
started the encrypted conversation.
Any ideas/thoughts on how to handle this case?
Kjell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20080622/8d33d4ef/attachment.pgp>
More information about the OTR-dev
mailing list