From gmaxwell at gmail.com Sat Jan 1 23:30:54 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sat, 1 Jan 2005 23:30:54 -0500
Subject: [OTR-users] Stylometry?
Message-ID:

Not directly related to OTR, but is anyone on the OTR list aware of any papers on techniques to disguise/obscure writing style?

Right now a potential hole in the protection that OTR provides is that the remote party that you are communicating with could record a log of the conversation then he could potentially convince a third party that his log was you by a compelling analysis of writing style, especially if he could show that he did not have access to the analysis corpus until some time after having possession of the log. (For example, he has a timestamp service record the hash of the log, then later a court order against AOL produces a log of your last 10 years of IM traffic to use as a basis for analysis)

It might be interesting to provide a plugin that can help you suppress text which may be strongly indicative of the identity of the sender (like a spell checker). Because of the relatively low volume of data provided by IMs, it's likely that a small amount of style masking will be sufficient to prevent a convincing argument. Further the mere availability of style masking and style morphing tools will reduce the credibility of such arguments.

The intention of such a plugin would not be to convert all of my IM text into "da im spk of a 13yr old LOL!" but rather help me reduce/confuse the few minor traits in my communication that separate me from the large set of people who send well formed English sentences and thereby make it easier for an attacker with only access to a small amount of my text (a single conversation) to generate an equal amount of plausible alternative text. Such a plugin would also increase the range of my output, making far more texts plausible.

Unfortunately to develop such a plugin, it would be useful (required?)
to have access to large corpuses of IM text and right now the only groups with access to such data (AOL, etc) have a substantial interest in preventing privacy improving technology. ..

If stylometry were a mature science it would be interesting for each user to begin every conversation with a stylometric vector that, combined with a few messages, would be sufficient for helping an attacker form additional messages that appeared via stylometric analysis to be from that user... (i.e. an efficient representation of the important stylometric factors from a corpus of non-sensitive messages). I don't think that we are to that point yet.

A long term approach for defense against stylometric analysis for IM systems would be to frustrate any attempts to collect a corpus of your IM writing for analysis. This defense would likely be infeasible with email (due to public message boards), but is more realistic for realtime systems which are often more private. Pervasive use of OTR could go a long way to furthering this goal, but it would do much for those of us who have already likely had a decade or more of IM conversation (previous analysis of my own logs suggests that I may transmit around 50k/messages per year) archived in unknown places beyond our control.

From paul at cypherpunks.ca Sun Jan 2 10:14:15 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sun, 2 Jan 2005 16:14:15 +0100 (MET)
Subject: [OTR-users] Stylometry?
In-Reply-To:
References:
Message-ID:

On Sat, 1 Jan 2005, Gregory Maxwell wrote:

> Right now a potential hole in the protection that OTR provides is that
> the remote party that you are communicating with could record a log of
> the conversation then

If you don't trust your conversation partner, you should not be telling them anything, even over OTR.

I consider OTR a protection against external listening ears, and still assume all my conversations end up being logged on the remote disk.
As for obfuscating writing styles for a judge, I've learned that judges t hard enough to understand normal technology, and they will strongly dislike you if you start playing technological games in court.

> order against AOL produces a log of your last 10 years of IM traffic
> to use as a basis for analysis)

Those logs will be encrypted with OTR, and unreadable to everyone including the sender and receiver.

> to have access to large corpuses of IM text and right now the only
> groups with access to such data (AOL, etc) have a substantial
> interest in preventing privacy improving technology. ..

That is not entirely true. It is really an American misconception that corporations should have as much info and power through legal clauses in contracts to protect themselves against third party claims or governments. I've argued on occasions (including my upstream ISP) that not having such data or power is a much better defendable position in court, and that having less power over a customer actually removes you from conflicts of your customers with third parties much more effectively.

Unfortunately, in the US, lawyers will just not even think of removing the 'we can do whatever we want for whatever non-reason if we feel like it' clause. And as a result, third parties will try to invoke that power (eg Scientology to name just one). And I guess give those same lawyers work to do.....

> A long term approach for defense against stylometric analysis for IM
> systems would be to frustrate any attempts to collect a corpus of your
> IM writing for analysis. This defense would likely be infeasible with
> email (due to public message boards), but is more realistic for
> realtime systems which are often more private.

You can turn your argument around. Leaking a lot of my writing style gives me the perfect excuse to write 'U 4r3 31337, k177 h1m' and claim that wasn't you who wrote it. These types of games will be thrown out by any court or agency as wild speculation at best.
Paul
--
"At best it is a theory, at worst a fantasy" -- Michael Crichton

From gmaxwell at gmail.com Sun Jan 2 14:14:30 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sun, 2 Jan 2005 14:14:30 -0500
Subject: [OTR-users] Stylometry?
In-Reply-To:
References:
Message-ID:

On Sun, 2 Jan 2005 16:14:15 +0100 (MET), Paul Wouters wrote:
> If you don't trust your conversation partner, you should not be telling
> them anything, even over OTR.

Well that's true, but at the same time the stated goal of OTR is to give online conversations the same properties as private offline conversations. OTR gets fairly close to that goal, but there are still some places where it's not perfect.

For example, the person you are talking to could defect, and decide to help the dissident smashing mafia. They provide him with a computer with a copy of OTR they have verified and he sits down in front of them and converses with you. After seizing your computer and seeing your private key, they are confident you are who you say you are. This same event can happen in face-to-face communication, OTR doesn't do any worse.

But let's consider my concern... The party you've been talking to for ages logs your conversations and then is either captured or defects. Beyond the obvious information leak, it's possible that a third party could be convinced you were the author of the text.

Beyond style masking, I had another idea... what if in addition to the RSA private key, each party maintained a separate long term DH key. At the beginning of every conversation, a DH key negotiation takes place (inside the secure channel) and a key is generated to encrypt their log file of the conversation. When the OTR session is torn down they toss the key. A user, in isolation, would be unable to reveal the logs even under duress. For some users, this would be a desirable way to store the logs.
For others it wouldn't (or they would simply prefer a simple password driven system), but this method could only be used if OTR facilitated an additional DH exchange. (otherwise, I assume log storage is outside the scope of OTR)

> I consider OTR a protection against external listening ears, and still
> assume all my conversations end up being logged on the remote disk.

Sure.

> As for obfuscating writing styles for a judge, I've learned that judges
> t hard enough to understand normal technology, and they will strongly
> dislike you if you start playing technological games in court.

Now that's true... But perhaps stylemasking would be better used on IM traffic that is supposed to go in the comparison set, to prevent the analysis.

> > order against AOL produces a log of your last 10 years of IM traffic
> > to use as a basis for analysis)
> Those logs will be encrypted with OTR, and unreadable to everyone including
> the sender and receiver.

Not yet, sadly. I have hundreds of thousands of IM that could well be stored outside of my control *already*, and I continue to generate them since not everyone I talk to is able to use OTR (I fully intend to refuse to IM with people who are *unwilling*, but until there is a windows gaim port, there are quite a few who are unable.. Changing platforms just to talk to me isn't really reasonable).

> That is not entirely true. It is really an American misconception that corporations
> should have as much info and power through legal clauses in contracts to protect themselves
> against third party claims or governments. I've argued on occasions (including
> my upstream ISP) that not having such data or power is a much better defendable
> position in court, and that having less power over a customer actually removes you
> from conflicts of your customers with third parties much more effectively.

Many years ago I worked at a small (dialup) ISP (before the birth of monopoly controlled broadband made such businesses near impossible)..
Our policy was to log as little as possible and retain what we did log for only as long as we had to (for troubleshooting and such). Past that all logs were fed to summarization scripts. This wasn't because we were privacy mavens, it was just a matter to reduce our costs in storing and potentially the costs in retrieving the data. This was also because we believe that it would be unconscionable to otherwise profit from that data... so we really had no reason to keep it.

> Unfortunately, in the US, lawyers will just not even think of removing the
> 'we can do whatever we want for whatever non-reason if we feel like it' clause.
> And as a result, third parties will try to invoke that power (eg Scientology
> to name just one). And I guess give those same lawyers work to do.....

If I were designing an IM system, I would find it idiotic to make all client to client traffic go through some servers I ran, both from a traffic perspective and from the liability of being asked to monitor the traffic.... But that position is because I wouldn't decide to otherwise profit from the IM traffic.

However, that's not the position of some of today's corporate operators: The world's IM traffic is insanely valuable data, and even if their actions are limited by wiretap laws (which, right now it doesn't look like they are..) they still can likely collect statistical aggregations, which can be as commercially valuable as the raw IM traffic. Whatever the cost of being forced to disclose information, or the risk of employees using the information unlawfully, it's obviously small compared to the potential (although immoral, in my view) gains of having access to the information.

> You can turn your argument around. Leaking a lot of my writing style gives
> me the perfect excuse to write 'U 4r3 31337, k177 h1m' and claim that wasn't
> you who wrote it. These types of games will be thrown out by any court or agency
> as wild speculation at best.

An excellent point...
It might be useful to amend the OTR documentation to discuss the reality of logging (that it happens, and you can't prevent the remote party from doing it, and you shouldn't try because they can always bypass it.. and then you'll have a false sense of security).

Thanks for your reply!

From mcr at sandelman.ottawa.on.ca Sun Jan 2 14:53:24 2005
From: mcr at sandelman.ottawa.on.ca (Michael Richardson)
Date: Sun, 02 Jan 2005 14:53:24 -0500
Subject: [OTR-users] Stylometry?
In-Reply-To: Message from Gregory Maxwell of "Sun, 02 Jan 2005 14:14:30 EST."
References:
Message-ID: <8012.1104695604@marajade.sandelman.ottawa.on.ca>

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Gregory" == Gregory Maxwell writes:

    Gregory> Beyond style masking, I had another idea... what if in
    Gregory> addition to the RSA private key, each party maintained a
    Gregory> separate long term DH key. At the beginning of every
    Gregory> conversation, a DH key negotiation takes place (inside the
    Gregory> secure channel) and a key is generated to encrypt their log
    Gregory> file of the conversation. When the OTR session is torn
    Gregory> down they toss the key. A user, in isolation, would be
    Gregory> unable to reveal the logs even under duress.

Okay, that addresses the situation where a user is under duress.

But, the problem you are trying to solve is akin to what the "content" industry thinks they can solve: that you can ever secure information *against* the owner of the computer you are transmitting it to.

I think that a routine to shovel all your text out to google/alta-vista/babel translators through three languages and back to your native one would be better. All meaning in your words would be gone :-)

    Gregory> If I were designing an IM system, I would find it idiotic
    Gregory> to make all client to client traffic go through some
    Gregory> servers I ran, both from a traffic perspective and from the
    Gregory> liability of being asked to monitor the traffic....
But well, got to rid the world of NATs :-)

- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQdhRLYqHRg3pndX9AQGA3wQApGC9RV+uGV/1EKsDaeYBptHfRpJIo0nc
lnNjOaNtvbCKF/lyN8awYmPSXHgRCe8hhvXtvHCQfA7nc1KnwGRUnYF350wByrS5
f7p9RWNaeXIXgxvF6KOP5lZ4wJZPSSYPRDIwN4w4LzgsObz9Ua0cRsY/9Ndd6Lam
oUFASxW7SHc=
=mGq7
-----END PGP SIGNATURE-----

From alex323 at gmail.com Tue Jan 18 20:02:45 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 18 Jan 2005 20:02:45 -0500
Subject: [OTR-users] Bug #1
Message-ID: <41EDB1B5.2080108@gmail.com>

When you refresh your keys, (You click on the OTR button during a private conversation) a messagebox comes up saying: "Successfully refreshed private connection with " However, is YOUR screenname rather than the other party's screenname.

From paul at cypherpunks.ca Tue Jan 18 20:51:27 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Wed, 19 Jan 2005 02:51:27 +0100 (CET)
Subject: [OTR-users] Bug #1
In-Reply-To: <41EDB1B5.2080108@gmail.com>
Message-ID:

On Tue, 18 Jan 2005, alex323 wrote:

> When you refresh your keys, (You click on the OTR button during a
> private conversation) a messagebox comes up saying: "Successfully
> refreshed private connection with " However, is
> YOUR screenname rather than the other party's screenname.

I don't have that. It is clearly the other person's name....

What version/platform are you running?
Paul

From alex323 at gmail.com Tue Jan 18 20:53:30 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 18 Jan 2005 20:53:30 -0500
Subject: [OTR-users] Bug #1
In-Reply-To:
References:
Message-ID: <41EDBD9A.6070203@gmail.com>

Windows Gaim v 1.1.1 (otr-gaim 1.0.3) on Windows XP Home SP2

Paul Wouters wrote:

>On Tue, 18 Jan 2005, alex323 wrote:
>
>>When you refresh your keys, (You click on the OTR button during a
>>private conversation) a messagebox comes up saying: "Successfully
>>refreshed private connection with " However, is
>>YOUR screenname rather than the other party's screenname.
>>
>
>I don't have that. It is clearly the other person's name....
>
>What version/platform are you running?
>
>Paul
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL:

From paul at cypherpunks.ca Tue Jan 18 21:17:43 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Wed, 19 Jan 2005 03:17:43 +0100 (CET)
Subject: [OTR-users] Bug #1
In-Reply-To: <41EDBD9A.6070203@gmail.com>
Message-ID:

On Tue, 18 Jan 2005, alex323 wrote:

> Windows Gaim v 1.1.1 (otr-gaim 1.0.3) on Windows XP Home SP2

I tried to generate a new jabber account and talk to my other machine, but my accounts don't seem to want to authenticate (or know about) the other.

Paul

From alex323 at gmail.com Tue Jan 18 21:56:36 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 18 Jan 2005 21:56:36 -0500
Subject: [OTR-users] Bug #1
In-Reply-To:
References:
Message-ID: <41EDCC64.8050202@gmail.com>

I think I figured out the problem. I was talking to myself. I have two AIM accounts on one gaim account.

Paul Wouters wrote:

>On Tue, 18 Jan 2005, alex323 wrote:
>
>>Windows Gaim v 1.1.1 (otr-gaim 1.0.3) on Windows XP Home SP2
>>
>
>I tried to generate a new jabber account and talk to my other machine,
>but my accounts don't seem to want to authenticate (or know about) the
>other.
>
>Paul
>

From gmaxwell at gmail.com Tue Jan 18 22:18:30 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Tue, 18 Jan 2005 22:18:30 -0500
Subject: [OTR-users] New OTR
Message-ID:

The windows port of OTR appears to be working for a couple of my gaim/windows using friends. (well at least after they upgraded from really old gaim). An installer would be nice, but I suppose I'd also like a pony. Thanks for the software. :)

Another point: I think the popup on establishment is silly.. It's annoying when someone establishes OTR with you (which can happen at odd times) and you get a silly extra window. Better to just display any OTR session related messages in the conversation window, just like the 'you received an unencrypted message..' messages.

From ian at cypherpunks.ca Tue Jan 18 23:50:11 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Tue, 18 Jan 2005 23:50:11 -0500
Subject: [OTR-users] New OTR
In-Reply-To:
References:
Message-ID: <20050119045011.GK1060@smtp.paip.net>

On Tue, Jan 18, 2005 at 10:18:30PM -0500, Gregory Maxwell wrote:
> The windows port of OTR appears to be working for a couple of my
> gaim/windows using friends. (well at least after they upgraded from
> really old gaim). An installer would be nice, but I suppose I'd also
> like a pony. Thanks for the software. :)

I hope you've got a place to put your pony.

gaim-otr Win32 installer: http://www.cypherpunks.ca/otr/gaim-otr-1.0.3.exe
gpg signature: http://www.cypherpunks.ca/otr/gaim-otr-1.0.3.exe.asc

Thanks to Paul! :-)

> Another point: I think the popup on establishment is silly.. It's
> annoying when someone establishes OTR with you (which can happen at
> odd times) and you get a silly extra window.
> Better to just display
> any OTR session related messages in the conversation window, just like
> the 'you received an unencrypted message..' messages.

The problem is that you need to make absolutely sure the "established private connection" message is unforgeable, so we do it in a separate window.

 - Ian

From paul at cypherpunks.ca Wed Jan 19 18:44:45 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Thu, 20 Jan 2005 00:44:45 +0100 (CET)
Subject: [OTR-users] yum and up2date/RHN support added to repositories
Message-ID:

Hi otr users,

I have changed the layout of the binaries to make it easier to set up automatic repositories for rpm based distributions.

Using YUM:

Add to /etc/yum.conf or /etc/yum.repos.d/otr.conf

[otr]
name=otr - Fedora OTR packages
baseurl=ftp://ftp.openswan.org/mirror/otr/binaries/fedora/$releasever/$basearch/
        http://www.xelerance.com/mirror/otr/binaries/fedora/$releasever/$basearch/
# get the key for paul at cypherpunks.ca from a key server (eg pgpkeys.mit.edu)
# or: finger paul at xelerance.com > otrkey ; rpm --import otrkey
gpgcheck=0
enabled=1

up2date and RHN users:

Add a line to /etc/sysconfig/rhn/sources saying:

yum otr ftp://ftp.openswan.org/mirrors/otr/fedora/3/$ARCH/

The yum example has gpgchecks disabled, because yum/rpm will always fail on the signature, even if the key is properly imported using rpm --import. This has been reported in the past to RedHat. I am not sure why these keys do not work. We have the same problem with openswan packages that we sign.

The repository should work for both Fedora Core 2 and 3. If people wish to see other rpm distributions supported, let me know. I will add binaries for Suse later today.

Paul

From gmaxwell at gmail.com Thu Jan 20 16:32:30 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Thu, 20 Jan 2005 16:32:30 -0500
Subject: [OTR-users] Shared secret authentication?
Message-ID:

Has there been any thought given to the use of shared secrets for initial RSA key authentication?
Users establish a 'secret phrase' out of band (potentially in advance of ever using OTR). When OTR sees a new 'untrusted' RSA. Each end gets the option of providing a secret phrase. (there are a couple of pretty good MTM proof ways of authenticating with a preshared secret, I can describe one if anyone needs it spelled out)... The preshared secret is never stored. It should be processed with an expensive transform PBKDF2 to prevent a MTM from attempting a dictionary attack.

This would be useful in the case where users must authenticate before they have installed OTR or where a user must move between systems from time to time and there is not a readily available secure channel to reconfirm the new keys. It might also provide more security because users are more likely to actually exchange a phrase than get on the phone and read off a bunch of digits.

On that topic---

In addition to displaying the public key hash in hex, it might be useful to create a transformation that expresses it as English words (uses the words to look up in a dictionary). This way there is a pretty good chance that someone can 'remember' part of another person's key id when they go to another client without the stored keys. Of course, if you just use part of the hash, it would make it possible for someone to generate keys until they find a matching string... So rather it should expand the whole hash (or at least a large part of it) and users should then use a non predictable subset for verification.

From alex323 at gmail.com Thu Jan 20 16:38:18 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 20 Jan 2005 16:38:18 -0500
Subject: [OTR-users] Shared secret authentication?
In-Reply-To:
References:
Message-ID: <41F024CA.4080406@gmail.com>

OTR uses RSA?

Gregory Maxwell wrote:

>Has there been any thought given to the use of shared secrets for
>initial RSA key authentication?
>

From alex323 at gmail.com Thu Jan 20 16:41:54 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 20 Jan 2005 16:41:54 -0500
Subject: [OTR-users] My first self generated data message
Message-ID: <41F025A2.6010807@gmail.com>

Hey all, I've finally finished my 'GenerateData' method and was wondering if anyone was willing to check if it's right. Thanks

(16:32:32) *** Server Listening on port 654
(16:32:38) 127.0.0.1 has connected to us. Client GUID: 53dca368-6877-40a3-81ce-5bf40ca2cdf1
(16:32:54) Them: ?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAmAW3D31RynAMmp9J3oN4EmE1YTByqGCih5EkZHrtitOZlYBy.
(16:34:05) Them: ?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAKd2S0tFYxdaN3KtfIyQyx2E1YTByqGCih5EkZHrtitOZlYBy.
(16:34:13) Them: ?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAv06nEMSfsnMf5iAnhnj5dWE1YTByqGCih5EkZHrtitOZlYBy.
(16:35:30) *** Client Disconnected

- Alex

From alex323 at gmail.com Thu Jan 20 17:15:09 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 20 Jan 2005 17:15:09 -0500
Subject: [OTR-users] New message type?
Message-ID: <41F02D6D.9030904@gmail.com>

Why not make a message like this?:

?OTR.
(question mark, O-T-R, period)

This would be cool to use when you want to end a conversation with someone without the UI (This solves the problem with the proxy). What do you all think?

- Alex

From ian at cypherpunks.ca Thu Jan 20 17:30:25 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 20 Jan 2005 17:30:25 -0500
Subject: [OTR-users] New message type?
In-Reply-To: <41F02D6D.9030904@gmail.com>
References: <41F02D6D.9030904@gmail.com>
Message-ID: <20050120223025.GF1060@smtp.paip.net>

On Thu, Jan 20, 2005 at 05:15:09PM -0500, alex323 wrote:
> Why not make a message like this?:
>
> ?OTR.
> (question mark, O-T-R, period)
>
> This would be cool to use when you want to end a conversation with
> someone without the UI (This solves the problem with the proxy). What do
> you all think?

That doesn't have to be a message type, since that string will never leave the proxy. It's just a local command; it's a good idea, except that it's only useful because there's no UI for the proxy yet, and effort would probably be better spent in that direction.
 - Ian

From ian at cypherpunks.ca Thu Jan 20 17:34:51 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 20 Jan 2005 17:34:51 -0500
Subject: [OTR-users] My first self generated data message
In-Reply-To: <41F025A2.6010807@gmail.com>
References: <41F025A2.6010807@gmail.com>
Message-ID: <20050120223451.GH1060@smtp.paip.net>

On Thu, Jan 20, 2005 at 04:41:54PM -0500, alex323 wrote:
> Hey all, I've finally finished my 'GenerateData' method and was
> wondering if anyone was willing to check if it's right. Thanks
>
> (16:32:32) *** Server Listening on port 654
> (16:32:38) 127.0.0.1 has connected to us. Client GUID:
> 53dca368-6877-40a3-81ce-5bf40ca2cdf1
> (16:32:54) Them:
> ?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAmAW3D31RynAMmp9J3oN4EmE1YTByqGCih5EkZHrtitOZlYBy.

Nope. "Invalid Data Message". You can use otr_parse in the toolkit to at least check that the structure of your messages is correct.

 - Ian

From ian at cypherpunks.ca Thu Jan 20 19:27:13 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 20 Jan 2005 19:27:13 -0500
Subject: [OTR-users] Shared secret authentication?
In-Reply-To:
References:
Message-ID: <20050121002713.GI1060@smtp.paip.net>

On Thu, Jan 20, 2005 at 04:32:30PM -0500, Gregory Maxwell wrote:
> Has there been any thought given to the use of shared secrets for
> initial RSA key authentication?
>
> Users establish a 'secret phrase' out of band (potentially in advance
> of ever using OTR). When OTR sees a new 'untrusted' RSA. Each end gets
> the option of providing a secret phrase. (there are a couple of pretty
> good MTM proof ways of authenticating with a preshared secret, I can
> describe one if anyone needs it spelled out)... The preshared secret
> is never stored.
> It should be processed with an expensive transform
> PBKDF2 to prevent a MTM from attempting a dictionary attack.
>
> This would be useful in the case where users must authenticate before
> they have installed OTR or where a user must move between systems
> from time to time and there is not a readily available secure channel
> to reconfirm the new keys. It might also provide more security
> because users are more likely to actually exchange a phrase than get
> on the phone and read off a bunch of digits.

That's a pretty interesting suggestion. An easy way would be to calculate SHA-1(dir, sessionid, secret) and exchange those values [once the session is established]. (Use the stretched secret, of course.)

Technically, you could even do that "by hand" (even on the command line if you don't care about the stretching), but that does sound like a cool feature.

> On that topic---
>
> In addition to displaying the public key hash in hex, it might be
> useful to create a transformation that expresses it as English words
> (uses the words to look up in a dictionary). This way there is a
> pretty good chance that someone can 'remember' part of another
> person's key id when they go to another client without the stored
> keys. Of course, if you just use part of the hash, it would make it
> possible for someone to generate keys until they find a matching
> string... So rather it should expand the whole hash (or at least a
> large part of it) and users should then use a non predictable subset
> for verification.

That's the S/KEY idea (http://www.faqs.org/rfcs/rfc1760.html). The particular word list they use isn't the best, though.

 - Ian

From ian at cypherpunks.ca Thu Jan 20 20:12:19 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 20 Jan 2005 20:12:19 -0500
Subject: [OTR-users] Shared secret authentication?
In-Reply-To: <20050121002713.GI1060@smtp.paip.net>
References: <20050121002713.GI1060@smtp.paip.net>
Message-ID: <20050121011219.GJ1060@smtp.paip.net>

On Thu, Jan 20, 2005 at 07:27:13PM -0500, Ian Goldberg wrote:
> That's a pretty interesting suggestion. An easy way would be to
> calculate SHA-1(dir, sessionid, secret) and exchange those values
> [once the session is established]. (Use the stretched secret, of
> course.)

I just wanted to clarify that this method will authenticate the person to whom you're speaking, but not their fingerprint. If you want to authenticate their fingerprint as well, you can either just exchange fingerprints in the now-authenticated channel, or include the fingerprints in the above hash.

 - Ian

From alex323 at gmail.com Thu Jan 20 20:36:55 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 20 Jan 2005 20:36:55 -0500
Subject: [OTR-users] My first self generated data message
In-Reply-To: <20050120223451.GH1060@smtp.paip.net>
References: <41F025A2.6010807@gmail.com> <20050120223451.GH1060@smtp.paip.net>
Message-ID: <41F05CB7.4020203@gmail.com>

Cool. Thanks, I'll try that

- Alex

Ian Goldberg wrote:

>On Thu, Jan 20, 2005 at 04:41:54PM -0500, alex323 wrote:
>
>>Hey all, I've finally finished my 'GenerateData' method and was
>>wondering if anyone was willing to check if it's right. Thanks
>>
>>(16:32:32) *** Server Listening on port 654
>>(16:32:38) 127.0.0.1 has connected to us. Client GUID:
>>53dca368-6877-40a3-81ce-5bf40ca2cdf1
>>(16:32:54) Them:
>>?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAmAW3D31RynAMmp9J3oN4EmE1YTByqGCih5EkZHrtitOZlYBy.
>>
>
>Nope. "Invalid Data Message". You can use otr_parse in the toolkit
>to at least check that the structure of your messages is correct.
>
>   - Ian
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL:

From alex323 at gmail.com Thu Jan 20 21:11:47 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 20 Jan 2005 21:11:47 -0500
Subject: [OTR-users] My first self generated data message
In-Reply-To: <41F05CB7.4020203@gmail.com>
References: <41F025A2.6010807@gmail.com> <20050120223451.GH1060@smtp.paip.net> <41F05CB7.4020203@gmail.com>
Message-ID: <41F064E3.9080106@gmail.com>

While this app is good for telling if it's right or wrong, it cannot
show you exactly where the error occurred. (Or at least it hasn't for me)

alex323 wrote:

> Cool. Thanks, I'll try that
>
> - Alex
>
> Ian Goldberg wrote:
>
>> On Thu, Jan 20, 2005 at 04:41:54PM -0500, alex323 wrote:
>>
>>> Hey all, I've finally finished my 'GenerateData' method and was
>>> wondering if anyone was willing to check if it's right. Thanks
>>>
>>> (16:32:32) *** Server Listening on port 654
>>> (16:32:38) 127.0.0.1 has connected to us. Client GUID:
>>> 53dca368-6877-40a3-81ce-5bf40ca2cdf1
>>> (16:32:54) Them:
>>> ?OTR:AAEDAAAAAAEAAAACAAAAwMjBdruodQJeIJEF57lqZPcpKW4Txt72BQg52wgRlzuk1NLVyUNJs7L52E53LrWcLGKDTtlPWQSNeZrIVY40DPZbD7YlI23o5dPtqsyZnGISuOBk23sc77HHuU1K1b6U1uk2p40avrOmGcn7lq/C62u09oPPHF67j6FCAP1oMFFMjC4i/CYjTtNbFQSRr0avAHaaRwkqqTqEQrjKPsTjKkzLBYK04+SICe0rD81YJNaXGP6PuuSo+JrkJQE0jKkTywAAAAAAAAAAmAW3D31RynAMmp9J3oN4EmE1YTByqGCih5EkZHrtitOZlYBy.
>>>
>>
>> Nope. "Invalid Data Message". You can use otr_parse in the toolkit
>> to at least check that the structure of your messages is correct.
>>
>>   - Ian

From gmaxwell at gmail.com Thu Jan 20 22:46:24 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Thu, 20 Jan 2005 22:46:24 -0500
Subject: [OTR-users] Shared secret authentication?
In-Reply-To: <20050121011219.GJ1060@smtp.paip.net>
References: <20050121002713.GI1060@smtp.paip.net> <20050121011219.GJ1060@smtp.paip.net>
Message-ID:

On Thu, 20 Jan 2005 20:12:19 -0500, Ian Goldberg wrote:
> On Thu, Jan 20, 2005 at 07:27:13PM -0500, Ian Goldberg wrote:
> > That's a pretty interesting suggestion. An easy way would be to
> > calculate SHA-1(dir, sessionid, secret) and exchange those values
> > [once the session is established]. (Use the stretched secret, of
> > course.)
>
> I just wanted to clarify that this method will authenticate the person
> to whom you're speaking, but not their fingerprint. If you want to
> authenticate their fingerprint as well, you can either just exchange
> fingerprints in the now-authenticated channel, or include the
> fingerprints in the above hash.

My thought was pretty much exactly that... Except including the
fingerprint in the hash as well so that it's simultaneously
authenticated.

I think passwords are just too easily stolen, they also present a
scaling issue: You need 1 password per potential pair of communicating
users, vs one signature key per user. Users will likely be silly and
reuse the secret or use related words for their friends, so it's best
to only use this authentication method as infrequently as possible...
And ideally perform it in such a way that an outsider can't determine
when the method is in use, at least without being intrusive (i.e.
by exchanging messages of the same size for every initiation even when
it's not in use).

This way even if the password is potentially weak, users can guard
against a man in the middle by only ever using the password once.. Or
even prearranging a list of words to use in succession. ... Even
without the extra complexity it should be secure because there
shouldn't be a way to automatically attack it... people will get
suspicious around the 20th attempt to establish an encrypted channel. :)

It would probably be useful to use the session id as the salt for the
stretching algo, or have each party request a nonce to use from the
other.. (you want something that's per session on the inside of the
expensive algo, so someone doesn't make a huge dictionary of the
expensive part, and reuse that to perform an attack against the normal
SHA1).

From gmaxwell at gmail.com Thu Jan 20 23:15:10 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Thu, 20 Jan 2005 23:15:10 -0500
Subject: [OTR-users] Shared secret authentication?
In-Reply-To: <20050121002713.GI1060@smtp.paip.net>
References: <20050121002713.GI1060@smtp.paip.net>
Message-ID:

On Thu, 20 Jan 2005 19:27:13 -0500, Ian Goldberg wrote:
> > In addition to displaying the public key hash in hex, it might be
> > useful to create a transformation that expresses it as English words
> > (uses the words to look up in a dictionary). This way there is a
> > pretty good chance that someone can 'remember' part of another
> > person's key id when they go to another client without the stored
> > keys. Of course, if you just use part of the hash, it would make it
> > possible for someone to generate keys until they find a matching
> > string... So rather it should expand the whole hash (or at least a
> > large part of it) and users should then use a non predictable subset
> > for verification.
>
> That's the S/KEY idea (http://www.faqs.org/rfcs/rfc1760.html). The
> particular word list they use isn't the best, though.

I've used S/KEY before, ... (and noticed the ugly dictionary) ...
Thought it used words just to make the reading and typing step less
error prone (which is the case), and I didn't realize that it actually
managed to transmit that much information (64 bits).

I gave it some more thought while I was out to dinner and had some
other ideas... The goal of S/KEY is to be compact and typeable.. The
goal of using an English representation of a fingerprint is to make it
memorable so you can compare it later.

The problem is that most users will just pick a few obvious memorable
characteristics, so it would be much easier for an attacker to just
generate keys until they make one that is similar enough to a human
observer.... it might end up being less secure than remembering a few
digits of the fingerprint (which is what I end up doing with ssh).

The solution to that is to encrypt the fingerprint with a password
prior to converting it into text and making the text output
sufficiently larger than the initial secret so an attacker without the
secret won't be able to perform an attack against the smaller
comparison base... and if they did know your secret their attack would
only generate an authentication key that fooled one user.

It would be really nice if IM systems mutually authenticated users
using the shared secret approach where the shared secret was the hash
(or expensive expansion function) of the password+username+im_servername,
so that the server never knows the password. Then the password (after a
different expansion) can be used for other tasks in the client, such as
keeping the private side of an authentication key encrypted, or keeping
logs encrypted. (nice thing about using the login key is that it would
require no additional effort or passwords for the users).. Oh well.

Using language-like representations of key fingerprints is an
interesting subject...
probably one that should be discussed in a larger community, since it
applies to PGP authentication (and ssh, etc).

From paul at cypherpunks.ca Sat Jan 22 16:06:41 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sat, 22 Jan 2005 22:06:41 +0100 (MET)
Subject: [OTR-users] gaim-1.0.3-2.exe uploaded
Message-ID:

gaim-otr-1.0.3-2.exe has been uploaded and should find its way into the
various file repositories soon.

Changes:

; v1.0.3-2 - Fix for detecting gaim if not installed by Administrator.
;            bug report by Joanna Rutkowska
;          - Fix for uninstalling the dll when not installed as Administrator

Paul, obviously not used to not being an Administrator :)
-- 
"At best it is a theory, at worst a fantasy" -- Michael Crichton

From paul at cypherpunks.ca Sat Jan 22 16:52:33 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sat, 22 Jan 2005 22:52:33 +0100 (MET)
Subject: [OTR-users] up2date does not work with otr repository yet
Message-ID:

Hi,

Testing using libotr-1.0.4, I found out that even though yum works fine
to see the update and install it, up2date seems to be broken.

It seems that the problem is that up2date, even in the 'rawhide'
version, still uses the old style repository, which uses the headers
directory instead of the newer style repodata. This is visible in a
rather cryptic way if you click on the rhn-applet and look at the
critical tab. It will say something like

    The applet has been unable to access the following information
    sources in its last attempts:
    otr @ http://www.xelerance.com/mirror/otr/binaries/fedora/3/x86_64/

This is because the headers directory is not found. Running 'yum update'
on such a fedora machine will work fine though.

I guess this is a buglet for RedHat to fix.

If anyone is using apt-rpm or apt-get on Fedora, I am interested to
hear whether it works.

Paul
-- 
"At best it is a theory, at worst a fantasy" -- Michael Crichton

From alex323 at gmail.com Mon Jan 24 23:11:07 2005
From: alex323 at gmail.com (alex323)
Date: Mon, 24 Jan 2005 23:11:07 -0500
Subject: [OTR-users] Gaim isn't detecting the plugin
Message-ID: <41F5C6DB.5060407@gmail.com>

How come when I download/extract all the files from the deb file, the
plugin doesn't appear on gaim's plugin list? I'm in Debian/Sid and am
running the latest version of gaim (From apt-get).

alex323 at server:~$ ls /usr/lib/gaim/gaim-otr.so
/usr/lib/gaim/gaim-otr.so
alex323 at server:~$

Thanks in advance for your help.

- Alex

From paul at cypherpunks.ca Tue Jan 25 05:14:58 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Tue, 25 Jan 2005 11:14:58 +0100 (CET)
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <41F5C6DB.5060407@gmail.com>
Message-ID:

On Mon, 24 Jan 2005, alex323 wrote:

> How come when I download/extract all the files from the deb file, the
> plugin doesn't appear on gaim's plugin list? I'm in Debian/Sid and am
> running the latest version of gaim (From apt-get).
>
> alex323 at server:~$ ls /usr/lib/gaim/gaim-otr.so
> /usr/lib/gaim/gaim-otr.so
> alex323 at server:~$
>
> Thanks in advance for your help.

- You need to restart gaim after installing gaim-otr
- You need to enable OTR in the preferences-> plugins menu before
  the OTR menu appears.

Paul

From alex323 at gmail.com Tue Jan 25 07:53:29 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 25 Jan 2005 07:53:29 -0500
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To:
References:
Message-ID: <41F64149.8090901@gmail.com>

I have already restarted gaim quite a few times but it doesn't appear
on the list. (I'm talking about the Plugin list.
I am aware that I need to enable it before I can edit any options)

- Alex

Paul Wouters wrote:

>On Mon, 24 Jan 2005, alex323 wrote:
>
>>How come when I download/extract all the files from the deb file, the
>>plugin doesn't appear on gaim's plugin list? I'm in Debian/Sid and am
>>running the latest version of gaim (From apt-get).
>>
>>alex323 at server:~$ ls /usr/lib/gaim/gaim-otr.so
>>/usr/lib/gaim/gaim-otr.so
>>alex323 at server:~$
>>
>>Thanks in advance for your help.
>>
>
>- You need to restart gaim after installing gaim-otr
>- You need to enable OTR in the preferences-> plugins menu before
>  the OTR menu appears.
>
>Paul
>

From paul at cypherpunks.ca Tue Jan 25 08:22:04 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Tue, 25 Jan 2005 14:22:04 +0100 (CET)
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <41F64149.8090901@gmail.com>
Message-ID:

On Tue, 25 Jan 2005, alex323 wrote:

> I have already restarted gaim quite a few times but it doesn't appear on
> the list. (I'm talking about the Plugin list. I am aware that I need to
> enable it before I can edit any options)

Okay.

What does 'ldd /usr/lib/gaim/gaim-otr.so' say? No missing libs?
The user has permission to read that file?

Paul

From nikitab at cs.berkeley.edu Mon Jan 24 23:27:11 2005
From: nikitab at cs.berkeley.edu (Nikita Borisov)
Date: Mon, 24 Jan 2005 20:27:11 -0800
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <41F5C6DB.5060407@gmail.com>
References: <41F5C6DB.5060407@gmail.com>
Message-ID: <61C44D78-6E89-11D9-99A5-000A95873CEC@cs.berkeley.edu>

On Jan 24, 2005, at 8:11 PM, alex323 wrote:

> How come when I download/extract all the files from the deb file, the
> plugin doesn't appear on gaim's plugin list?
I'm in Debian/Sid and am
> running the latest version of gaim (From apt-get).
>
> alex323 at server:~$ ls /usr/lib/gaim/gaim-otr.so
> /usr/lib/gaim/gaim-otr.so
> alex323 at server:~$

First question is, of course, did you restart Gaim?

Second question is, could you email the output of "gaim -d"? That will
make gaim list which plugins it's trying to load and any errors.

- Nikita

From alex323 at gmail.com Tue Jan 25 17:04:15 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 25 Jan 2005 17:04:15 -0500
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To:
References:
Message-ID: <41F6C25F.8030905@gmail.com>

Heh, I forgot you separated gaim-otr and libotr. I needed to download
libotr and install it. Thanks Paul.

Paul Wouters wrote:

>On Tue, 25 Jan 2005, alex323 wrote:
>
>>I have already restarted gaim quite a few times but it doesn't appear on
>>the list. (I'm talking about the Plugin list. I am aware that I need to
>>enable it before I can edit any options)
>>
>
>Okay.
>
>What does 'ldd /usr/lib/gaim/gaim-otr.so' say? No missing libs?
>The user has permission to read that file?
>
>Paul
>

From paul at cypherpunks.ca Tue Jan 25 17:47:27 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Tue, 25 Jan 2005 23:47:27 +0100 (CET)
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <41F6C25F.8030905@gmail.com>
Message-ID:

On Tue, 25 Jan 2005, alex323 wrote:

> Heh, I forgot you separated gaim-otr and libotr. I needed to download
> libotr and install it. Thanks Paul.

That's a bug in the Debian packaging then. Ian?

Paul

From ian at cypherpunks.ca Tue Jan 25 17:50:42 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Tue, 25 Jan 2005 17:50:42 -0500
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <41F6C25F.8030905@gmail.com>
References: <41F6C25F.8030905@gmail.com>
Message-ID: <20050125225042.GS1060@smtp.paip.net>

On Tue, Jan 25, 2005 at 05:04:15PM -0500, alex323 wrote:
> Heh, I forgot you separated gaim-otr and libotr. I needed to download
> libotr and install it. Thanks Paul.

How did you install the debian gaim-otr package without having the
libotr package installed, and without it complaining about missing
dependencies?

   - Ian

From alex323 at gmail.com Tue Jan 25 19:44:26 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 25 Jan 2005 19:44:26 -0500
Subject: [OTR-users] Gaim isn't detecting the plugin
In-Reply-To: <20050125225042.GS1060@smtp.paip.net>
References: <41F6C25F.8030905@gmail.com> <20050125225042.GS1060@smtp.paip.net>
Message-ID: <41F6E7EA.40507@gmail.com>

No clue

- Alex

Ian Goldberg wrote:

>On Tue, Jan 25, 2005 at 05:04:15PM -0500, alex323 wrote:
>
>>Heh, I forgot you separated gaim-otr and libotr. I needed to download
>>libotr and install it. Thanks Paul.
>>
>
>How did you install the debian gaim-otr package without having the
>libotr package installed, and without it complaining about missing
>dependencies?
>
>   - Ian
>

From aldert at rotz.org Thu Jan 27 16:47:15 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Thu, 27 Jan 2005 22:47:15 +0100
Subject: [OTR-users] Success !!
 - Test report - XP SP2 + Gaim 1.1.2 + OTR plugin 1.0.3-.2 and ICQ account
Message-ID: <41F96163.1070201@rotz.org>

Hi,

I promised to Paul to deliver a test report and tonight I had time,
so I started my OTR Quest and the results are in; here we go :

Exec sum : Success !! It worked out of the box in 1 go. Fantastic.

Interested people read on for some positive feedback.

- I have XP SP2 inc. Norton Internet Security
  (and for the record run Firefox and Thunderbird, pun intended)

- Installed Gaim 1.1.2 including GTK+ v2.4.14 rev a from
  http://gaim.sourceforge.net/win32/index.php

- Did not start Gaim but installed OTR for Gaim plugin 1.0.3-2
  http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-1.0.3-2.exe
  after verifying with the signature file.
  http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-1.0.3-2.exe.asc

Now all the software was ready to rock.

- Created an ICQ account at : http://www.icq.com/register/

Jabber.org was down or at least creating accounts there did not work
so I had to do this test with an ICQ account, oh well, did not play
with ICQ for some years, so maybe it was time to revalidate my
opinion...

- Started Gaim, clicked on 'Accounts' at bottom-left, clicked 'Add'
  Filled in : Screen name (My ICQ number) , Alias (My name)
  and clicked 'Save'.
  Clicked 'Close' on the Accounts window. Came back to Login window.
  Pressed 'Preferences'
  Selected 'Plugins'
  Scrolled with the scrollbar on the right to the plugin with the name
  "Off-the-Record Messaging 1.0.3"
  Selected (ticked) the 'Load' box next to the plugin name.
  Clicked on 'Close' at the bottom right of the Preferences window.
  At the Login window I selected in the dropdown box my ICQ account and
  filled in my password and clicked 'Sign on'.

- Clicked on 'IM' at the bottom-left.
  Filled in the screen name of one of my OTR enabled friends and VOILA !

I did not "configure" the OTR for Gaim plugin at all but that was not
needed at all ! I started talking to an OTR enabled friend and the
moment he clicked on 'OTR private' in his Conversation window my plugin
quickly generated the private key and session key in a time so short I
forgot to count, maybe 2 or 3 seconds. The OTR status icon on the
bottom right also changed instantly from 'OTR not private' to OTR
private. Nice !

Bliss !! Nearly 100% ready out of the box installation, amazing !!

I have 3 feature 'requests' that I think would be good to have :

= OTR announcing, preferably configurable as Standard ON or OFF.
  ON = The moment I start chatting with an OTR enabled client
  the conversation switches to OTR, automatically.

= Group support, my best guess is that this is pretty complicated
  but would make it even more 'acceptable'/desired
  by an even larger part of the users of IM networks.

= Please start a WIKI or reshuffle stuff around.

  The web page at http://www.cypherpunks.ca/otr/ is just way too nerdy
  and unorganized and pretty scary for people who like to go OTR but
  get kinda lost in things like compilation tips before they hit the
  easy stuff like configuring the software :)

  If a WIKI is too much work please make a QuickStart link at the top
  of the page to a new page that lists the '10 Steps to OTR IM'ing'.

More email follows if Paul has more things to test :)

Aldert Hazenberg.

From ian at cypherpunks.ca Thu Jan 27 17:41:27 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 27 Jan 2005 17:41:27 -0500
Subject: [OTR-users] Success !! - Test report - XP SP2 + Gaim 1.1.2 + OTR plugin 1.0.3-.2 and ICQ account
In-Reply-To: <41F96163.1070201@rotz.org>
References: <41F96163.1070201@rotz.org>
Message-ID: <20050127224127.GT1060@smtp.paip.net>

On Thu, Jan 27, 2005 at 10:47:15PM +0100, Aldert J.B.P. Hazenberg wrote:
> I promised to Paul to deliver a test report and tonight I had time,
> so I started my OTR Quest and the results are in; here we go :
>
> Exec sum : Success !! It worked out of the box in 1 go. Fantastic.

Great! I'm glad this cross-compiling for Windows thing really works. :-)

> I have 3 feature 'requests' that I think would be good to have :
>
> = OTR announcing, preferably configurable as Standard ON or OFF.
>   ON = The moment I start chatting with an OTR enabled client
>   the conversation switches to OTR, automatically.

We're talking about stuff pertaining to this in otr-dev. Right now, if
you send a message from one OTR client to another, OTR will
automagically notice and start a private conversation.

> = Group support, my best guess is that this is pretty complicated
>   but would make it even more 'acceptable'/desired
>   by an even larger part of the users of IM networks.

There are Issues with this, involving the Deniability and other security
properties of OTR. For example, when you receive a message in the
group, should you know for sure who wrote it? Or just that someone in
the group did? Do you have any assurance that other people in the group
are seeing the same messages you are? When do messages become
forgeable?

> = Please start a WIKI or reshuffle stuff around.
>
>   The web page at http://www.cypherpunks.ca/otr/ is just way too nerdy
>   and unorganized and pretty scary for people who like to go OTR but
>   get kinda lost in things like compilation tips before they hit the
>   easy stuff like configuring the software :)

There are neither compilation tips nor configuration instructions on the
web page. That being said, I totally understand that the page isn't
well-laid out. If someone wants to help reorganize it, that'd be
awesome. [I don't think I want to make the wiki jump just now, though.]

   - Ian

From alex323 at gmail.com Thu Jan 27 20:01:17 2005
From: alex323 at gmail.com (alex323)
Date: Thu, 27 Jan 2005 20:01:17 -0500
Subject: [OTR-users] Success !! - Test report - XP SP2 + Gaim 1.1.2 + OTR plugin 1.0.3-.2 and ICQ account
In-Reply-To: <20050127224127.GT1060@smtp.paip.net>
References: <41F96163.1070201@rotz.org> <20050127224127.GT1060@smtp.paip.net>
Message-ID: <41F98EDD.1090909@gmail.com>

If you want, I can do the site's backend in PHP.

- Alex

Ian Goldberg wrote:

>On Thu, Jan 27, 2005 at 10:47:15PM +0100, Aldert J.B.P. Hazenberg wrote:
>
>>I promised to Paul to deliver a test report and tonight I had time,
>>so I started my OTR Quest and the results are in; here we go :
>>
>>Exec sum : Success !! It worked out of the box in 1 go. Fantastic.
>>
>
>Great! I'm glad this cross-compiling for Windows thing really works.
:-)
>
>>I have 3 feature 'requests' that I think would be good to have :
>>
>>= OTR announcing, preferably configurable as Standard ON or OFF.
>>  ON = The moment I start chatting with an OTR enabled client
>>  the conversation switches to OTR, automatically.
>>
>
>We're talking about stuff pertaining to this in otr-dev. Right now, if
>you send a message from one OTR client to another, OTR will
>automagically notice and start a private conversation.
>
>>= Group support, my best guess is that this is pretty complicated
>>  but would make it even more 'acceptable'/desired
>>  by an even larger part of the users of IM networks.
>>
>
>There are Issues with this, involving the Deniability and other security
>properties of OTR. For example, when you receive a message in the
>group, should you know for sure who wrote it? Or just that someone in
>the group did? Do you have any assurance that other people in the group
>are seeing the same messages you are? When do messages become
>forgeable?
>
>>= Please start a WIKI or reshuffle stuff around.
>>
>>  The web page at http://www.cypherpunks.ca/otr/ is just way too nerdy
>>  and unorganized and pretty scary for people who like to go OTR but
>>  get kinda lost in things like compilation tips before they hit the
>>  easy stuff like configuring the software :)
>>
>
>There are neither compilation tips nor configuration instructions on the
>web page. That being said, I totally understand that the page isn't
>well-laid out. If someone wants to help reorganize it, that'd be
>awesome. [I don't think I want to make the wiki jump just now, though.]
>
>   - Ian
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL:

From aldert at rotz.org Mon Jan 31 03:57:14 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Mon, 31 Jan 2005 09:57:14 +0100
Subject: [OTR-users] Mirrors not working (software parts)
Message-ID: <41FDF2EA.8030809@rotz.org>

Guys,

I am advocating OTR to some people and got some questions today.
The mirrors of the OTR software are out of sync it looks like.

http://www.cypherpunks.ca/otr/
http://www.xelerance.com/mirror/otr/
ftp://ftp.openswan.org/mirror/otr/

Cypherpunks.ca is 'down' it looks like and I cannot get
the debian stuff from Xelerance.com....

New versions of the software got released but the index pages
were not updated perhaps ? :)

Aldert.

From paul at cypherpunks.ca Mon Jan 31 08:32:45 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Mon, 31 Jan 2005 14:32:45 +0100 (CET)
Subject: [OTR-users] Mirrors not working (software parts)
In-Reply-To: <41FDF2EA.8030809@rotz.org>
Message-ID:

On Mon, 31 Jan 2005, Aldert J.B.P.
Hazenberg wrote:

> Cypherpunks.ca is 'down' it looks like and I cannot get
> the debian stuff from Xelerance.com....

The sync of ftp.openswan.org and www.xelerance.com seems to have fixed
this. I can download the debian files now.

Paul

From michael_flanagan at telus.net Mon Jan 31 23:47:21 2005
From: michael_flanagan at telus.net (Michael Flanagan)
Date: Mon, 31 Jan 2005 20:47:21 -0800
Subject: [OTR-users] otrproxy v0.1.1 OSX packaging issues
Message-ID: <5BD3360A-740C-11D9-883E-000A95729B7A@telus.net>

Greetings list,

I just downloaded otrproxy-0.1.1.dmg from one of the proxies. After
running the installer I attempted to launch the proxy from the
terminal:

Last login: Thu Jan 27 22:01:17 on ttyp1
Welcome to Darwin!
[myhost:~] michaelf% otrproxy
dyld: otrproxy can't open library: /Users/nikitab/gpglibs/lib/libgcrypt.11.dylib (No such file or directory, errno = 2)
Trace/BPT trap
[myhost:~] michaelf% man otrproxy

To my eye it looks like there's a dependency that wasn't included in
the package. It seems like the intention was to include all
dependencies in this package, but at the very least libgcrypt was
missed.

I read the README but the instructions for compiling didn't seem to
make sense as I was just trying to run the proxy that was included in
the package.

I suspect that I'm the first non-developer trying to run this on OSX
and no one else has tried this package. Or at least no one else has
reported any problems. I read the archives forward from the date which
v0.1.1 was released and didn't see any comments on this issue.

The only aspect of this that worked as expected is I did get a man page
with info.

Someone care to confirm/deny my suppositions?

Michael
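
The check discussed in the "Shared secret authentication?" thread above (stretched secret salted with the session ID, with the direction and both fingerprints inside the hash), written out as an added example that is not code from the list or from OTR. Assumptions: HMAC-SHA256 and PBKDF2-HMAC-SHA256 stand in for the thread's SHA-1, and the role bytes, field framing, iteration count and every sample value are constructed for illustration.

```python
import hashlib
import hmac

PBKDF2_ITERATIONS = 100_000          # assumed work factor; tune per hardware
INITIATOR, RESPONDER = b"I", b"R"    # assumed encoding of the "dir" field


def stretch(phrase: str, session_id: bytes) -> bytes:
    """Expensive transform, salted with the session ID so a dictionary of
    stretched phrases built for one session is useless for the next."""
    return hashlib.pbkdf2_hmac("sha256", phrase.encode("utf-8"),
                               session_id, PBKDF2_ITERATIONS)


def frame(*fields: bytes) -> bytes:
    """Length-prefix each field so field boundaries cannot be shifted."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def auth_tag(key, direction, session_id, sender_fp, receiver_fp) -> bytes:
    """Keyed hash over (dir, sessionid, sender and receiver fingerprints)."""
    message = frame(direction, session_id, sender_fp, receiver_fp)
    return hmac.new(key, message, hashlib.sha256).digest()


class Endpoint:
    """One party's view of a session: its role, the session ID it derived,
    its own fingerprint and the fingerprint it was shown for the peer."""

    def __init__(self, role, session_id, own_fp, peer_fp_seen, phrase):
        self.role = role
        self.peer_role = RESPONDER if role == INITIATOR else INITIATOR
        self.session_id = session_id
        self.own_fp = own_fp
        self.peer_fp_seen = peer_fp_seen
        self.key = stretch(phrase, session_id)

    def make_tag(self) -> bytes:
        return auth_tag(self.key, self.role, self.session_id,
                        self.own_fp, self.peer_fp_seen)

    def accepts(self, tag: bytes) -> bool:
        # Recompute what the peer should have sent and compare in
        # constant time; any differing field changes the whole tag.
        expected = auth_tag(self.key, self.peer_role, self.session_id,
                            self.peer_fp_seen, self.own_fp)
        return hmac.compare_digest(expected, tag)


def exchange(initiator, responder):
    """Swap tags; returns (initiator accepts, responder accepts)."""
    return (initiator.accepts(responder.make_tag()),
            responder.accepts(initiator.make_tag()))


def demo():
    def fingerprint(name: bytes) -> bytes:
        # Constructed 20-byte stand-ins for public key fingerprints.
        return hashlib.sha1(b"constructed key: " + name).digest()

    alice_fp, bob_fp, relay_fp = (fingerprint(n)
                                  for n in (b"alice", b"bob", b"relay"))
    sid = bytes.fromhex("0011223344556677")        # constructed session IDs
    sid_leg_a = bytes.fromhex("a1a2a3a4a5a6a7a8")
    sid_leg_b = bytes.fromhex("b1b2b3b4b5b6b7b8")
    phrase = "constructed shared phrase"

    alice = Endpoint(INITIATOR, sid, alice_fp, bob_fp, phrase)
    bob = Endpoint(RESPONDER, sid, bob_fp, alice_fp, phrase)
    results = {"honest": exchange(alice, bob)}

    # A tag echoed back to its sender fails because "dir" is in the hash.
    results["reflected"] = alice.accepts(alice.make_tag())

    # Man in the middle relaying tags unchanged: each leg has its own
    # session ID and each side was shown the relay's fingerprint.
    alice_m = Endpoint(INITIATOR, sid_leg_a, alice_fp, relay_fp, phrase)
    bob_m = Endpoint(RESPONDER, sid_leg_b, bob_fp, relay_fp, phrase)
    results["relayed"] = exchange(alice_m, bob_m)

    # Same session ID but a substituted fingerprint on one side: this
    # isolates the effect of including the fingerprints in the hash.
    bob_wrong_fp = Endpoint(RESPONDER, sid, bob_fp, relay_fp, phrase)
    results["wrong_fingerprint"] = exchange(alice, bob_wrong_fp)

    guesser = Endpoint(RESPONDER, sid, bob_fp, alice_fp, "other phrase")
    results["wrong_phrase"] = exchange(alice, guesser)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```
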