[OTR-dev] asynchronous privkey creation

Ian Goldberg ian at cypherpunks.ca
Sun Feb 21 18:40:32 EST 2010


On Mon, Feb 22, 2010 at 12:23:03AM +0100, Michael Zanetti wrote:
> Great! But I cannot add a dependency to a cvs version or patched version of 
> libotr to KDE. Any plans already when this change will hit the public?

I know there's a bunch of stuff in CVS, and more stuff in git, that
desparately wants attention.

The problem is there's no one other than me working on OTR right now,
and I'm also not working on OTR right now.  :-(  It makes me sad to let
the project languish, but my cycles are unfortunately limited.

So: I'd like some volunteers to help package/clean/finish the stuff in
CVS and git.  The main changes:

- The API cleanup (I'd call it done; it's been in CVS for a while)
- The fix for people logged in multiple times: this is a protocol
  change, and so serious business.  It's in git, but last I heard there
  were stray interoperability problems with the current version.  So
  this needs more testing before it can be released.
- The beginnings of OTR-protected file transfer were implemented during
  the last GSoC.  It sends files over the IM channel, not over an
  out-of-band channel the way files are normally sent.  This of course
  may upset IM server operators.  I think it also blocks the IM
  conversation until the file is completely transmitted.  This is of
  course only useful for small files.  So a triage would have to happen
  here.
- While we're doing a protocol change, I wanted to tweak the key
  exchange to add a little bit of extra deniability.  But it's looking
  like I just won't have the cycles for that, so I'm willing to let it
  slide for wire protocol version 3.

If one or more people are willing to help, I'm willing to set up a
conference call or chat room or something like that to discuss details.

Thanks, and let me know.

   - Ian


More information about the OTR-dev mailing list