[OTR-dev] Fwd: EMPP - What can XMPP benefit from the new Echo Chat Protocol?

[Randolph D.]

2013/7/27 Ian Goldberg <ian at cypherpunks.ca>

> On Sat, Jul 27, 2013 at 08:23:51PM +0200, Randolph D. wrote:
> > Dear Nathan
> > thanks for the update, i am not advanced with OTR. I just try to
> understand
> > both, how the encryption of GoldBug works and how ORT is sending it. One
> > Point was, that you send your message always to ONE Server, e.g. Jabber /
> > XMPP Server.
> > With a Echo Server from GoldBug E*MPP you send the message to 3-4 Servers
> > parallel, so the missunderstanding of the question was not to send it in
> > sequence. I just think with the new EMPP Server model, which sends out
> > redundancy to 3-4 Servers at the same time. When my friend has my key,
> and
> > i send it over a jabber server, this route can be mapped.
> > When I connect to several jabber Servers, and I would modify OTR to send
> it
> > to 4 jabber Servers, would the Destination then get the message several
> > times? Or just once or would the Connection be dropped, as I have no
> > Account at the other jabber Servers?
> > Ok, that was the thought in regard to EMPP and XMPP Comparison.
> > As I see, OTR is a plugin, now the tought to integrate the echo sever
> > protocol, then you send our your message either over jabber and as well
> > over E*MPP and the Destination with the same plugin would be able to get
> > it, either over echo and/or over jabber.
> >
> > The thing is: of course you can send the OTR (or as well GoldBug)
> > encryption over a jabber server.
> > And of course you can send OTR over GoldBug. In case this is done, you
> need
> > no accounts at jabber server anymore. You would be free.
>
> I have a hard time understanding what you're trying to ask.
>
> To be precise, OTR is a message format and protocol.  pidgin-otr is the
> plugin for the Pidgin IM client that implements the protocol.  Lots of
> other IM clients implement the OTR protocol using their own mechanisms.
>
> OTR is intended to be transport-agnostic, so long as the transport
> delivers messages in order.  (On the theory that having an IM
> conversation will make no sense if messages are delivered out of order.
> Hopefully the Goldbug protocol has sequence numbers, or something like
> that, to order messages correctly when they're sent via disparate paths?)
> *Reliable* delivery is not assumed, however; if the underlying IM
> network drops messages, your OTR messages will similarly be dropped.
> Indeed, if the underlying IM network reorders messages, the only badness
> that happens is that the OTR messages may also get dropped.
>
> If the underlying IM network sends lots of copies of the OTR messages
> (say via different servers), only one will be displayed to the received,
> and the rest will be dropped as duplicates.
>
> Does that answer your question?  If not, can you be more precise about
> your question?
>

Dear Ian
yes i understand it not better and if we can think together about the
Option I can write some sentences still:

The question is, if OTR can send Messages from GoldBug over OTR and the
second question is, if OTR Messages  could be send over the GoldBug.

I read that e.g. for Google it is possible to send encrypted Messages over
a Goggle-to-Google user Connection.
But... when there is only encryption sent, the admins will drop that.
So my question is, - IF OTR implements the GoldBug Kernel (spot-on-kernel
from libspoton) - and sends the message as well over Google (and second)
as  well over the GoldBug/Spot Network, then the user will get this message
in any case, even if a Chat Partner Connection is dropped or not allowed.
So in this case you send the OTR Message over the echo protocol (so is it
called for GoldBug / libspoton). All you need is to run the Kernel binary
of libspoton as an E*MPP server.

Second, now the other way round, would it be possible, that a GoldBug
Message is sent to OTR, then transferred over Google to Google user. and in
case the recipient has as well the OTR-E*MPP  Hybrid Api installed, it
would be possible to decrypt that GoldBug Message.

The Echo Protocol with an E*MPP Chat Server as kernel in a hybrid OTR
allows then to be more flexible and would add a multilayer of encryption to
both. Furthermore it would provide GoldBug an Api for e.g. Pidgin, when
OTR can READ and accept GoldBug Messages.

So the simple Research question is: USER A ->  OTR -> PIDGIN -> PIDGIN ->
OTR -> USER B   can be transformed to

USER A -> GOLDBUG ->  OTR -> PIDGIN -> PIDGIN -> OTR -> GOLDBUG - > USER B

(this could be used as a dedicated line in GoldBug, so called HALF Echo
connection)

If we then switch to an example, to use several jabber Servers in sequence,
it would spread the message  - if the FULL echo (= not ONE dedicated
connection line) would be used - PARALLEL to several servers.

This would help people in censored environments and fit with the plausible
deiability of OTR, as GoldBug has this as well for a Web of Trust (WoT)
build on the p2p Network of libspoton. See Homepage of Goldbug.sf.net for
more Details.

So many new ideas. If that could be thought, the idea would be to create in
OTR an API to the E*MPP Echo Kernel and then GoldBug could deploy it
or vice versa.

What do you think? Too complex?

Kind Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20130727/f7e2405f/attachment.html>