From ian at cypherpunks.ca Mon Mar 7 18:30:06 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Mon, 7 Mar 2005 18:30:06 -0500
Subject: [OTR-users] 1700
Message-ID: <20050307233006.GO980@smtp.paip.net>

FYI, we just hit 1700 unique IP addresses downloading OTR software from the primary site. This of course doesn't count mirror sites, or take into account the fact that OTR software is "in" some distributions like Gentoo, or some clients like Adium X.

Not bad (for a start). :-)

 - Ian

From alex323 at gmail.com Mon Mar 7 20:42:12 2005
From: alex323 at gmail.com (alex323)
Date: Mon, 07 Mar 2005 20:42:12 -0500
Subject: [OTR-users] 1700
In-Reply-To: <20050307233006.GO980@smtp.paip.net>
References: <20050307233006.GO980@smtp.paip.net>
Message-ID: <422D02F4.5040902@gmail.com>

Cool, nice work! I've been caught up with school lately and haven't been able to work on my C# implementation.

- Alex

Ian Goldberg wrote:

>FYI, we just hit 1700 unique IP addresses downloading OTR software from
>the primary site. This of course doesn't count mirror sites, or take
>into account the fact that OTR software is "in" some distributions like
>Gentoo, or some clients like Adium X.
>
>Not bad (for a start). :-)
>
> - Ian
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>

From dcarrera at math.umd.edu Tue Mar 8 01:47:16 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Tue, 8 Mar 2005 01:47:16 -0500
Subject: [OTR-users] Thanks for the good work.
Message-ID: <20050308064716.GO1484@math.umd.edu>

Hey,

"Thank you" is one of those things that people don't say often enough. So I wanted to say thanks to Ian and Nikita for making OTR. This is so cool.
I so look forward to getting it up and running (so far compilation seems to be going well).

I've read your paper. It's very interesting. I like OTR, it's very clever.

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From dcarrera at math.umd.edu Tue Mar 8 02:03:27 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Tue, 8 Mar 2005 02:03:27 -0500
Subject: [OTR-users] Patch for Gaim plugin.
Message-ID: <20050308070327.GP1484@math.umd.edu>

Hello,

I just tried compiling the GAIM plugin on Solaris SPARC, using gcc and GNU tools. The compilation dies on gtk-dialog.c :

gtk-dialog.c: In function `otrg_gtk_dialog_private_key_wait_start':
gtk-dialog.c:169: parse error before `handle'
gtk-dialog.c:170: `handle' undeclared (first use in this function)
gtk-dialog.c:170: (Each undeclared identifier is reported only once
gtk-dialog.c:170: for each function it appears in.)
gtk-dialog.c:182: warning: control reaches end of non-void function

Fortunately, the fix is simple

gtk-dialog.c 158a159 > OtrgDialogWaitHandle handle; 169c170,171 < OtrgDialogWaitHandle handle = malloc(sizeof(struct s_OtrgDialogWait)); --- > > handle = malloc(sizeof(struct s_OtrgDialogWait));

After doing this, the compilation went fine.

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From dcarrera at math.umd.edu Tue Mar 8 02:17:34 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Tue, 8 Mar 2005 02:17:34 -0500
Subject: [OTR-users] Help me test OTR ?
Message-ID: <20050308071734.GQ1484@math.umd.edu>

Whoo hoo!!

I think I'm setup. I have a fingerprint and all.

My fingerprint is: 7C481247 CAED160E 379F9176 D76AF7A9 FC319806

Is there a kind soul who might help me test my brand new OTR plugin?
I am on IM right now ("DanCarrer").

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
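Review bot: In the `169c170,171` hunk of the gtk-dialog.c patch above, the result of `malloc(sizeof(struct s_OtrgDialogWait))` is assigned to `handle` with no NULL check among the changed lines; if the code after line 171 dereferences `handle` without one, add a check there and bail out before use. Moving the declaration up to line 159 is the right shape of fix for a compiler that rejects a declaration after statements. Sending the change as a unified diff (`diff -u`) with the file path would make it easier to apply than this context-free format.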
http://oooauthors.org |

From ian at cypherpunks.ca Tue Mar 8 08:15:44 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Tue, 8 Mar 2005 08:15:44 -0500
Subject: [OTR-users] Patch for Gaim plugin.
In-Reply-To: <20050308070327.GP1484@math.umd.edu>
References: <20050308070327.GP1484@math.umd.edu>
Message-ID: <20050308131544.GQ980@smtp.paip.net>

On Tue, Mar 08, 2005 at 02:03:27AM -0500, Daniel Carrera wrote:
> Hello,
>
> I just tried compiling the GAIM plugin on Solaris SPARC, using gcc and GNU
> tools. The compilation dies on gtk-dialog.c :
>
> gtk-dialog.c: In function `otrg_gtk_dialog_private_key_wait_start':
> gtk-dialog.c:169: parse error before `handle'
> gtk-dialog.c:170: `handle' undeclared (first use in this function)
> gtk-dialog.c:170: (Each undeclared identifier is reported only once
> gtk-dialog.c:170: for each function it appears in.)
> gtk-dialog.c:182: warning: control reaches end of non-void function
>
>
> Fortunately, the fix is simple

Thanks. The version of gcc we're using here (3.3.x) is too lenient about such matters. :-p

Fixed.

 - Ian

From paul at cypherpunks.ca Tue Mar 8 09:22:29 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Tue, 8 Mar 2005 15:22:29 +0100 (CET)
Subject: [OTR-users] Help me test OTR ?
In-Reply-To: <20050308071734.GQ1484@math.umd.edu>
Message-ID:

On Tue, 8 Mar 2005, Daniel Carrera wrote:

> I think I'm setup. I have a fingerprint and all.
>
> My fingerprint is: 7C481247 CAED160E 379F9176 D76AF7A9 FC319806
>
> Is there a kind soul who might help me test my brand new OTR plugin?
> I am on IM right now ("DanCarrer").

People testing OTR can always try and ring my desktop:

PaulWouters at jabber.org
9944856 (AIM/ICQ)

Paul

From dcarrera at math.umd.edu Wed Mar 9 02:14:12 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Wed, 9 Mar 2005 02:14:12 -0500
Subject: [OTR-users] Promotting OTR.
Message-ID: <20050309071412.GS13253@math.umd.edu>

Hey folks,

Just a quick thought on promoting OTR.
I asked the Gaim people about listing OTR on their plugins page:

http://gaim.sourceforge.net/plugins.php

I mean, least they could do is remove the "gaim-e" link, which is dead anyways, and replace it with OTR. They said that I had to ask the OTR developers about posting it to their plugin tracker:

http://sourceforge.net/projects/gaim

Cheers,
Daniel.

PS: I also mentioned OTR on my blog: http://dcarrera.blogspot.com/

From ian at cypherpunks.ca Wed Mar 9 08:50:08 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Wed, 9 Mar 2005 08:50:08 -0500
Subject: [OTR-users] Promotting OTR.
In-Reply-To: <20050309071412.GS13253@math.umd.edu>
References: <20050309071412.GS13253@math.umd.edu>
Message-ID: <20050309135008.GZ980@smtp.paip.net>

On Wed, Mar 09, 2005 at 02:14:12AM -0500, Daniel Carrera wrote:
> Hey folks,
>
> Just a quick thought on promoting OTR. I asked the Gaim people about
> listing OTR on their plugins page:
>
> http://gaim.sourceforge.net/plugins.php
>
> I mean, least they could do is remove the "gaim-e" link, which is dead
> anyways, and replace it with OTR. They said that I had to ask the OTR
> developers about posting it to their plugin tracker:
>
> http://sourceforge.net/projects/gaim

I didn't know about that page. Done.

Thanks!

 - Ian

From dcarrera at math.umd.edu Wed Mar 9 17:29:50 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Wed, 9 Mar 2005 17:29:50 -0500
Subject: [OTR-users] Promotting OTR.
In-Reply-To: <20050309135008.GZ980@smtp.paip.net>
References: <20050309071412.GS13253@math.umd.edu> <20050309135008.GZ980@smtp.paip.net>
Message-ID: <20050309222950.GM13253@math.umd.edu>

Ian Goldberg wrote:

> > http://sourceforge.net/projects/gaim
>
> I didn't know about that page. Done.
>
> Thanks!

Whoo hoo! I just went to the #gaim IRC channel. I raved about OTR and pointed them to the link you added. And guess what? 10min later, the Gaim plugin page now lists OTR.
Check it out:

http://gaim.sourceforge.net/plugins.php

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From kat at paip.net Wed Mar 9 17:37:47 2005
From: kat at paip.net (Kat Hanna)
Date: Wed, 9 Mar 2005 17:37:47 -0500 (EST)
Subject: [OTR-users] Promotting OTR.
In-Reply-To: <20050309222950.GM13253@math.umd.edu>
References: <20050309071412.GS13253@math.umd.edu> <20050309135008.GZ980@smtp.paip.net> <20050309222950.GM13253@math.umd.edu>
Message-ID:

You rock.

On Wed, 9 Mar 2005, Daniel Carrera wrote:

> Ian Goldberg wrote:
>
> > > http://sourceforge.net/projects/gaim
> >
> > I didn't know about that page. Done.
> >
> > Thanks!
>
> Whoo hoo! I just went to the #gaim IRC channel. I raved about OTR and
> pointed them to the link you added. And guess what? 10min later, the Gaim
> plugin page now lists OTR. Check it out:
>
> http://gaim.sourceforge.net/plugins.php
>
> Cheers,
> --
> Daniel Carrera | I don't want it perfect,
> Join OOoAuthors today! | I want it Tuesday.
> http://oooauthors.org |

From a-konovalenko at yandex.ru Wed Mar 9 19:55:09 2005
From: a-konovalenko at yandex.ru (Alexander Konovalenko)
Date: Thu, 10 Mar 2005 03:55:09 +0300 (MSK)
Subject: [OTR-users] OTR web page down
Message-ID: <422F9AED.000042.25082@mfront8.yandex.ru>

The OTR web site at http://www.xelerance.com/mirror/otr/ is down: everything possible (even the mime type) is 404 Not Found.

Could you (Ian, Nikita) please fix that? Or are there any mirrors?

Please CC me since I'm not on the list.
--
Alexander

From ian at cypherpunks.ca Wed Mar 9 20:16:32 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Wed, 9 Mar 2005 20:16:32 -0500
Subject: [OTR-users] OTR web page down
In-Reply-To: <422F9AED.000042.25082@mfront8.yandex.ru>
References: <422F9AED.000042.25082@mfront8.yandex.ru>
Message-ID: <20050310011632.GE980@smtp.paip.net>

On Thu, Mar 10, 2005 at 03:55:09AM +0300, Alexander Konovalenko wrote:
> The OTR web site at http://www.xelerance.com/mirror/otr/ is down:
> everything possible (even the mime type) is 404 Not Found.
>
> Could you (Ian, Nikita) please fix that? Or are there any mirrors?

That site *is* the mirror. The primary site is http://www.cypherpunks.ca/otr/

Paul's the one in charge of the mirror. Paul, can you check on this?

Thanks for the report,

 - Ian

From paul at cypherpunks.ca Thu Mar 10 06:45:22 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Thu, 10 Mar 2005 12:45:22 +0100 (CET)
Subject: [OTR-users] OTR web page down
In-Reply-To: <422F9AED.000042.25082@mfront8.yandex.ru>
Message-ID:

On Thu, 10 Mar 2005, Alexander Konovalenko wrote:

> The OTR web site at http://www.xelerance.com/mirror/otr/ is down: everything possible (even the mime type) is 404 Not Found.

This has been fixed. That website moved servers and it was missing a link.

> Could you (Ian, Nikita) please fix that? Or are there any mirrors?

ftp://ftp.openswan.org/mirror/otr/ works as well.
Paul

From gmaxwell at gmail.com Sat Mar 12 16:41:19 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sat, 12 Mar 2005 16:41:19 -0500
Subject: [OTR-users] Custom OTR replies
Message-ID:

It would be good if OTR had an option to discard cleartext IMs and reply with a customizable string, perhaps something like this:

New AIM license: "...by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy.'" Please use GAIM OTR ( http://www.cypherpunks.ca/otr/ ), all cleartext IMs will be ignored.

Anyone else interested in a feature like this?

From nate at asaim.com Sat Mar 12 16:01:39 2005
From: nate at asaim.com (Nato Welch)
Date: Sat, 12 Mar 2005 13:01:39 -0800
Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion
Message-ID: <200503121301.39836.nate@asaim.com>

http://n8o.r30.net/a2z/drupal/node/196

A timely review. Thought you all might like to know.

--
-- Nato Welch
nate at asaim.com

From ian at cypherpunks.ca Sat Mar 12 17:58:38 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sat, 12 Mar 2005 17:58:38 -0500
Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion
In-Reply-To: <200503121301.39836.nate@asaim.com>
References: <200503121301.39836.nate@asaim.com>
Message-ID: <20050312225838.GI980@smtp.paip.net>

On Sat, Mar 12, 2005 at 01:01:39PM -0800, Nato Welch wrote:
> http://n8o.r30.net/a2z/drupal/node/196
>
> A timely review. Thought you all might like to know.

Indeed; there have been over 150 new IP addresses downloading OTR software from the main site since the AOL TOS news hit slashdot this morning. We're up to 2048 right now. [Plus downloads from the mirror site, plus the copies in the various distros, etc., of course.]
 - Ian

From dcarrera at math.umd.edu Sat Mar 12 18:18:53 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sat, 12 Mar 2005 18:18:53 -0500
Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion
In-Reply-To: <20050312225838.GI980@smtp.paip.net>
References: <200503121301.39836.nate@asaim.com> <20050312225838.GI980@smtp.paip.net>
Message-ID: <20050312231852.GS18729@math.umd.edu>

I just submitted this story to Linux today.

I think the time is right for a knowledgeable person (ie. more knowledgeable than me) to write an article for Newsforge. It's not hard. The process is pretty painless. Newsforge caters to a different audience than Slashdot, so you would be reaching new people. NF has more bosses, decision makers, professionals etc.

I work with OpenOffice.org documentation. I would gladly offer my services as a reviewer.

Cheers,
Daniel.

On Sat, Mar 12, 2005 at 05:58:38PM -0500, Ian Goldberg wrote:
> On Sat, Mar 12, 2005 at 01:01:39PM -0800, Nato Welch wrote:
> > http://n8o.r30.net/a2z/drupal/node/196
> >
> > A timely review. Thought you all might like to know.
>
> Indeed; there have been over 150 new IP addresses downloading OTR
> software from the main site since the AOL TOS news hit slashdot this
> morning. We're up to 2048 right now. [Plus downloads from the mirror
> site, plus the copies in the various distros, etc., of course.]
>
> - Ian

--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From alex323 at gmail.com Sat Mar 12 19:50:04 2005
From: alex323 at gmail.com (alex323)
Date: Sat, 12 Mar 2005 19:50:04 -0500
Subject: [OTR-users] OTR blocking?
In-Reply-To: <200503121301.39836.nate@asaim.com>
References: <200503121301.39836.nate@asaim.com>
Message-ID: <42338E3C.2040601@gmail.com>

Is there a chance that AIM/ICQ can filter out OTR messages (messages that start with "?OTR") altogether?

- Alex

From dcarrera at math.umd.edu Sat Mar 12 20:35:06 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sat, 12 Mar 2005 20:35:06 -0500
Subject: [OTR-users] OTR on Mac OS X.
Message-ID: <20050313013506.GV18729@math.umd.edu>

Hello,

I need some advice.

I have a friend using Mac OS X. I want to use OTR to talk to her privately. I figured that setting up the OTR proxy would be difficult. She is semi-technical, but not very, and I have never touched a Mac. And I can't find any instructions on the OTR home page.

I figured it'd be better to wait until Adium 0.8 came out, but we're getting impatient. There are some things we want to discuss, but only with OTR.

What would you recommend?

* Is the OTR proxy hard to install and use on Mac OS X?
* If it isn't, where can I find instructions?
* Should I tell her to install Adium X 0.8 beta 3 ?
  Adium X doesn't seem to have instructions for OTR either. :-(

Normally I'd just try all these options myself and pick what I think will work best for her. But since I don't have a Mac, I can't do that.

Help?

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From rabbi at abditum.com Sat Mar 12 20:43:52 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Sat, 12 Mar 2005 17:43:52 -0800 (PST)
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To: <20050313013506.GV18729@math.umd.edu>
References: <20050313013506.GV18729@math.umd.edu>
Message-ID:

On Sat, 12 Mar 2005, Daniel Carrera wrote:

> What would you recommend?
If she uses iChat or a non-Adium client now, use the proxy. OTR is really trivial, but switching chat clients may not be.

Install the OTR proxy (double click the installer, etc., etc.)

Launch it. (It lives in the Applications folder. You probably want to put an alias in the startup items folder as well. (That really ought to be done by the installer, anyway.)

Configure iChat to use the proxy: Preferences, server settings, use proxy, localhost, port 8080, protocol HTTP.

Voila.

From dcarrera at math.umd.edu Sat Mar 12 20:47:55 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sat, 12 Mar 2005 20:47:55 -0500
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To:
References: <20050313013506.GV18729@math.umd.edu>
Message-ID: <20050313014755.GX18729@math.umd.edu>

Len Sassaman wrote:

> If she uses iChat or a non-Adium client now, use the proxy. OTR is really
> trivial, but switching chat clients may not be.

Ok. She alternates between iChat and Adium X. Seems to prefer iChat.

> Launch it.

Does she have to launch it every time she starts iChat? What happens if she forgets?

> Configure iChat to use the proxy: Preferences, server settings, use proxy,
> localhost, port 8080, protocol HTTP.

That looks simple enough. :-)

Next time I see her on IM (prob tonight) I'll tell her.

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From rabbi at abditum.com Sat Mar 12 21:00:38 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Sat, 12 Mar 2005 18:00:38 -0800 (PST)
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To: <20050313014755.GX18729@math.umd.edu>
References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu>
Message-ID:

On Sat, 12 Mar 2005, Daniel Carrera wrote:

> Ok. She alternates between iChat and Adium X. Seems to prefer iChat.

Well, the proxy will work for either. (You'll have to consult the Adium X docs to figure out how to configure a proxy, though.)

> > Launch it.
>
> Does she have to launch it every time she starts iChat?

Yes.

> What happens if she forgets?

iChat won't connect to AIM, and will give a "can't connect to proxy" error, or somesuch.

> > Configure iChat to use the proxy: Preferences, server settings, use proxy,
> > localhost, port 8080, protocol HTTP.
>
> That looks simple enough. :-)

Yep. (Note, I'm pulling this off of my memory, and don't have a Mac in front of me. So I can't describe the steps better -- there really should be a FAQ and screenshots for this somewhere.)

Also, you can't edit the proxy settings while you're logged in. So, she'll have to disconnect from AIM in order to do this.

From dcarrera at math.umd.edu Sat Mar 12 21:04:37 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sat, 12 Mar 2005 21:04:37 -0500
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To:
References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu>
Message-ID: <20050313020437.GY18729@math.umd.edu>

Hi Len,

Thanks for the help!

> Also, you can't edit the proxy settings while you're logged in. So,
> she'll have to disconnect from AIM in order to do this.

But she could be talking to me with Adium X while we configure iChat, right?

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From rabbi at abditum.com Sat Mar 12 21:11:16 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Sat, 12 Mar 2005 18:11:16 -0800 (PST)
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To: <20050313020437.GY18729@math.umd.edu>
References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu> <20050313020437.GY18729@math.umd.edu>
Message-ID:

On Sat, 12 Mar 2005, Daniel Carrera wrote:

> Hi Len,
>
> Thanks for the help!

No problem. Want to write this part of the FAQ when you're done? :)

> > Also, you can't edit the proxy settings while you're logged in. So,
> > she'll have to disconnect from AIM in order to do this.
>
> But she could be talking to me with Adium X while we configure iChat,
> right?

Yes, certainly.

From dcarrera at math.umd.edu Sat Mar 12 22:03:27 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sat, 12 Mar 2005 22:03:27 -0500
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To:
References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu>
Message-ID: <20050313030327.GC18729@math.umd.edu>

Len Sassaman wrote:

> > What happens if she forgets?
>
> iChat won't connect to AIM, and will give a "can't connect to proxy"
> error, or somesuch.

We're getting setup right now. I have another question:

How do you tell the proxy that one chat is OTR and another isn't? How do you start/stop OTR for some conversation?

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From gmaxwell at gmail.com Sat Mar 12 23:52:49 2005
From: gmaxwell at gmail.com (Gregory Maxwell)
Date: Sat, 12 Mar 2005 23:52:49 -0500
Subject: [OTR-users] otr proxy
Message-ID:

One of my not-yet-otr-using-friends runs some curses AIM client...

He's trying to use OTRproxy, ... but it turns out that otr proxy expects an X server..
That isn't going to work for him.

Can we get an option for x-less clients?

From dcarrera at math.umd.edu Sun Mar 13 02:17:55 2005
From: dcarrera at math.umd.edu (Daniel Carrera)
Date: Sun, 13 Mar 2005 02:17:55 -0500
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To:
References: <20050313013506.GV18729@math.umd.edu>
Message-ID: <20050313071755.GL18729@math.umd.edu>

Whoo hoo!! Success!!

My friend and I successfully established an OTR connection and talked in privacy. Thanks!

I have a question: Does the proxy also provide a GUI for key management? So she can verify fingerprints and all? If so, how would she get to that GUI ?

Thanks again!

Cheers,
--
Daniel Carrera | I don't want it perfect,
Join OOoAuthors today! | I want it Tuesday.
http://oooauthors.org |

From aldert at rotz.org Sun Mar 13 02:34:53 2005
From: aldert at rotz.org (Aldert J.B.P. Hazenberg)
Date: Sun, 13 Mar 2005 08:34:53 +0100
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To: <20050313013506.GV18729@math.umd.edu>
References: <20050313013506.GV18729@math.umd.edu>
Message-ID: <4233ED1D.7010808@rotz.org>

Daniel Carrera wrote:
> Hello,
>
> I need some advice.
>
> I have a friend using Mac OS X. I want to use OTR to talk to her
> privately. I figured that setting up the OTR proxy would be difficult. She
> is semi-technical, but not very, and I have never touched a Mac. And I
> can't find any instructions on the OTR home page.
>
> I figured it'd be better to wait until Adium 0.8 came out, but we're
> getting impatient. There are some things we want to discuss, but only with
> OTR.
>
> What would you recommend?
>
> * Is the OTR proxy hard to install and use on Mac OS X?
> * If it isn't, where can I find instructions?
> * Should I tell her to install Adium X 0.8 beta 3 ?
> Adium X doesn't seem to have instructions for OTR either. :-(
>
> Normally I'd just try all these options myself and pick what I think will
> work best for her. But since I don't have a Mac, I can't do that.
>
> Help?
>

I described how to glue OTR proxy and iChat a while ago : http://rotz.org/archives/2005/02/otr_and_osx.html

If the guys add a WIKI to the OTR site I will add this including the appropriate screenshots.

Aldert.

From paul at cypherpunks.ca Sun Mar 13 07:00:29 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sun, 13 Mar 2005 13:00:29 +0100 (CET)
Subject: [OTR-users] OTR blocking?
In-Reply-To: <42338E3C.2040601@gmail.com>
Message-ID:

On Sat, 12 Mar 2005, alex323 wrote:

> Is there a chance that AIM/ICQ can filter out OTR messages (messages
> that start with "?OTR") altogether?

Yes, they can. And OTR could play hide and seek, but it would probably be a good time to dump AIM/ICQ completely when that happens.
Paul

From paul at cypherpunks.ca Sun Mar 13 07:10:46 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sun, 13 Mar 2005 13:10:46 +0100 (CET)
Subject: [OTR-users] Custom OTR replies
In-Reply-To:
Message-ID:

On Sat, 12 Mar 2005, Gregory Maxwell wrote:

> It would be good if OTR had an option to discard cleartext IMs and
> reply with a customizable string, perhaps something like this:

I guess you can sort of do that by setting the default OTR setting to 'require private messaging'.

Paul

From paul at cypherpunks.ca Sun Mar 13 07:21:53 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Sun, 13 Mar 2005 13:21:53 +0100 (CET)
Subject: [OTR-users] otr proxy
In-Reply-To:
Message-ID:

On Sat, 12 Mar 2005, Gregory Maxwell wrote:

> One of my not-yet-otr-using-friends runs some curses AIM client...
>
> He's trying to use OTRproxy, ... but it turns out that otr proxy
> expects an X server..
> That isn't going to work for him.

Really? There is no way to disable the GUI and therefore the need for the X server?

Paul

From ian at cypherpunks.ca Sun Mar 13 09:34:19 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 13 Mar 2005 09:34:19 -0500
Subject: [OTR-users] otr proxy
In-Reply-To:
References:
Message-ID: <20050313143419.GK980@smtp.paip.net>

On Sun, Mar 13, 2005 at 01:21:53PM +0100, Paul Wouters wrote:
> Really? There is no way to disable the GUI and therefore the need for the X
> server?

In 0.2.0? There really isn't. That should exist before 1.0.0, though. The UI was intentionally designed to be well-separated from the main proxy code, so that you could plug in X / curses / whatever easily. Someone just needs to write the curses (or even just textmode) UI...

 - Ian

From ian at cypherpunks.ca Sun Mar 13 09:31:29 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 13 Mar 2005 09:31:29 -0500
Subject: [OTR-users] OTR on Mac OS X.
In-Reply-To: <20050313071755.GL18729@math.umd.edu>
References: <20050313013506.GV18729@math.umd.edu> <20050313071755.GL18729@math.umd.edu>
Message-ID: <20050313143129.GJ980@smtp.paip.net>

On Sun, Mar 13, 2005 at 02:17:55AM -0500, Daniel Carrera wrote:
> I have a question: Does the proxy also provide a GUI for key management? So she can
> verify fingerprints and all? If so, how would she get to that GUI ?

Yes. It's under Edit->Preferences. You get the UI which has the OTR preferences and the list of keys.

 - Ian

From patrick.luby at planamesa.com Sun Mar 13 14:46:03 2005
From: patrick.luby at planamesa.com (Patrick Luby)
Date: Sun, 13 Mar 2005 11:46:03 -0800
Subject: [OTR-users] Mac OS X Jaguar support?
Message-ID: <4234987B.7020302@planamesa.com>

I just downloaded OTR and tried to run it on Jaguar.

Not surprisingly, it wouldn't start due to dyld's inability to find /usr/lib/libiconv.2.dylib.

I assume OTR is compiled on Panther. Is there any hope that future releases will be compiled on Jaguar?

FYI. I use Jaguar because I release open source software and in order to support both Jaguar and Panther, I need to compile it on Jaguar.

Thanks,

Patrick

--
_________________________________________________________________
Patrick Luby
Planamesa Software
patrick.luby at planamesa.com
http://www.planamesa.com
_________________________________________________________________

From ian at cypherpunks.ca Sun Mar 13 21:32:07 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Sun, 13 Mar 2005 21:32:07 -0500
Subject: [OTR-users] Mac OS X Jaguar support?
In-Reply-To: <4234987B.7020302@planamesa.com>
References: <4234987B.7020302@planamesa.com>
Message-ID: <20050314023207.GP980@smtp.paip.net>

On Sun, Mar 13, 2005 at 11:46:03AM -0800, Patrick Luby wrote:
> I just downloaded OTR and tried to run it on Jaguar.
>
> Not surprisingly, it wouldn't start due to dyld's inability to find
> /usr/lib/libiconv.2.dylib.
>
> I assume OTR is compiled on Panther.
> Is there any hope that future
> releases will be compiled on Jaguar?
>
> FYI. I use Jaguar because I release open source software and in order to
> support both Jaguar and Panther, I need to compile it on Jaguar.

I don't know if Nikita has access to Jaguar. Nikita?

Alternately, have you tried building it yourself? You'll need to install wxMac 2.5.x, and the bits to make an OSX package, which Nikita should have.

 - Ian

From paul at cypherpunks.ca Mon Mar 14 05:34:18 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Mon, 14 Mar 2005 11:34:18 +0100 (CET)
Subject: [OTR-users] Mac OS X Jaguar support?
In-Reply-To: <20050314023207.GP980@smtp.paip.net>
Message-ID:

On Sun, 13 Mar 2005, Ian Goldberg wrote:

> Alternately, have you tried building it yourself? You'll need to
> install wxMac 2.5.x, and the bits to make an OSX package, which Nikita
> should have.

Those bits should go into packaging/macosx/

Paul, who only has Panther too

From rabbi at abditum.com Mon Mar 14 10:46:42 2005
From: rabbi at abditum.com (Len Sassaman)
Date: Mon, 14 Mar 2005 07:46:42 -0800 (PST)
Subject: [OTR-users] Mac OS X Jaguar support?
In-Reply-To:
References:
Message-ID:

On Mon, 14 Mar 2005, Paul Wouters wrote:

> Those bits should go into packaging/macosx/
>
> Paul, who only has Panther too

You should be able to build for Jaguar using the Jaguar-specific SDKs (an optional install with XCode.)

From GPowers at douglas.co.us Tue Mar 15 15:00:00 2005
From: GPowers at douglas.co.us (Gregg Powers)
Date: Tue, 15 Mar 2005 13:00:00 -0700
Subject: [OTR-users] YIM
Message-ID:

Does OTR support Yahoo Instant Messenger?

From alex323 at gmail.com Tue Mar 15 16:53:12 2005
From: alex323 at gmail.com (alex323)
Date: Tue, 15 Mar 2005 16:53:12 -0500
Subject: [OTR-users] YIM
In-Reply-To:
References:
Message-ID: <42375948.800@gmail.com>

OTR is merely a protocol that is used over other protocols such as AIM, YIM, MSN, Jabber and all the other protocols gaim supports. Think of OTR as Russian. You can speak it on any protocol like AIM and nobody knows what you are saying :) Hope that clarifies it.

- Alex

Gregg Powers wrote:

> Does OTR support Yahoo Instant Messenger?

From kat at paip.net Tue Mar 15 19:58:30 2005
From: kat at paip.net (Kat Hanna)
Date: Tue, 15 Mar 2005 19:58:30 -0500 (EST)
Subject: [OTR-users] YIM
In-Reply-To:
References:
Message-ID:

On Tue, 15 Mar 2005, Gregg Powers wrote:

> Does OTR support Yahoo Instant Messenger?

If you're using gaim as your client, otr works over the yahoo IM network. There have been problems reported with very long messages (in the 1K range). This stems from otr overhead that's added to the message that you type. Note that every network has this max message size issue. A future version of lib-otr should handle fragmentation of long messages, which will solve this problem.

If you don't use gaim, you're currently out of luck. The localhost proxy only works on the AIM/ICQ network right now.

-Kat

From batshua at rm-f.net Fri Mar 18 15:18:46 2005
From: batshua at rm-f.net (Batshua)
Date: Fri, 18 Mar 2005 15:18:46 -0500
Subject: [OTR-users] Augh!
Message-ID:

Uhm, hi. My name is Batshua and I just broke my AIM.

I am running otrproxy 0.2.0 on an oldschool [400 mHz] PowerBook G4 running OS X 10.3.8.

AIM is not playing nicely with otrproxy like I asked it to. All of a sudden it's unexpectedly quitting.
I was thinking of trying to edit the plist file to make the proxy work differently in hopes that it would make AIM behave.

I'm reading through the otr mailing list archives right now. Has this happened to anyone? Any suggestions?

Thanks!

From batshua at rm-f.net Fri Mar 18 15:28:02 2005
From: batshua at rm-f.net (Batshua)
Date: Fri, 18 Mar 2005 15:28:02 -0500
Subject: [OTR-users] Augh! Addendum
Message-ID: <580b68dafc225e29b61f936bbf890977@rm-f.net>

Silly me! I forgot to mention I told AIM to use SOCKS5. Should I have told it something else instead?

Batshua, who is apparently quite flustered at the moment

From kat at paip.net Fri Mar 18 16:01:57 2005
From: kat at paip.net (Kat Hanna)
Date: Fri, 18 Mar 2005 16:01:57 -0500 (EST)
Subject: [OTR-users] Augh! Addendum
In-Reply-To: <580b68dafc225e29b61f936bbf890977@rm-f.net>
References: <580b68dafc225e29b61f936bbf890977@rm-f.net>
Message-ID:

On Fri, 18 Mar 2005, Batshua wrote:

> Silly me! I forgot to mention I told AIM to use SOCKS5. Should I have
> told it something else instead?

Which AIM client are you using?

iChat? If so, then you should be using HTTP on port 8080.

AOL's AIM client? I think you may be the first person we've heard of using it. If that's the case, I'd suggest trying HTTPS on 8080, as well.

[Are you aware that the beta release of Adium X has OTR support built in? I don't know how married you are to your client.]

Do let us know what happens.

-Kat

From swimmerooo at yahoo.com Mon Mar 21 16:13:48 2005
From: swimmerooo at yahoo.com (Ryan R. Matt)
Date: Mon, 21 Mar 2005 13:13:48 -0800 (PST)
Subject: [OTR-users] gaim-otr plugin
Message-ID: <20050321211348.35653.qmail@web40828.mail.yahoo.com>

Hello,

I am using Mandrake 10.1 so I downloaded the source files and compiled them. I installed libotr.2.0.1 without any problems. I followed the readme's advice and downloaded and installed pkg-config 0.15 with any problems. Then I downloaded and compiled gaim-otr. So far no problem.
It installs in the proper directories (/usr/lib/gaim) and I copy it to ~/.gaim and ~/.gaim/plugins as per the README file. I then opened up gaim and opened up the preferences menu and selected the plugins menu. While searching the menu I cannot find the Gaim-OTR plugin listed. I don't know what other information to provide because I'm not really sure what the problem is, i.e., I even rebooted the system and logged in and still no luck with getting gaim to register the plugin. I have gaim-encryption right now, but my friend said that OTR was better. I have gaim-devel installed as well. My gaim version is 1.2.0. Any advice would be greatly appreciated. Thank you for your courtesies. Sincerely, Ryan From ian at cypherpunks.ca Mon Mar 21 16:16:48 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 21 Mar 2005 16:16:48 -0500 Subject: [OTR-users] gaim-otr plugin In-Reply-To: <20050321211348.35653.qmail@web40828.mail.yahoo.com> References: <20050321211348.35653.qmail@web40828.mail.yahoo.com> Message-ID: <20050321211648.GM26798@smtp.paip.net> On Mon, Mar 21, 2005 at 01:13:48PM -0800, Ryan R. Matt wrote: > I don't know what other information to provide because > i'm not really sure what the problem is, i.e., I even > rebooted the system and logged in and still no luck > with getting gaim to register the plugin. It sounds like gaim-otr isn't finding a library it needs. Try running gaim with the "-d" option, and see what it tells you. Also try "ldd /usr/lib/gaim/gaim-otr.so". - Ian From swimmerooo at yahoo.com Mon Mar 21 16:48:10 2005 From: swimmerooo at yahoo.com (Ryan R. Matt) Date: Mon, 21 Mar 2005 13:48:10 -0800 (PST) Subject: [OTR-users] gaim-otr plugin In-Reply-To: 6667 Message-ID: <20050321214810.22263.qmail@web40826.mail.yahoo.com> I owe you guys an apology for wasting your time. 
I looked back on my commands and I configured the library with the wrong prefix directory. Sorry for wasting your time. Thank you for your patience. --- Ian Goldberg wrote: > On Mon, Mar 21, 2005 at 01:13:48PM -0800, Ryan R. > Matt wrote: > > I don't know what other information to provide > because > > i'm not really sure what the problem is, i.e., I > even > > rebooted the system and logged in and still no > luck > > with getting gaim to register the plugin. > > It sounds like gaim-otr isn't finding a library it > needs. Try running > gaim with the "-d" option, and see what it tells > you. Also try > "ldd /usr/lib/gaim/gaim-otr.so". > > - Ian > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > Ryan R. Matt 300 Western Ave. Apt. #A24 Lansing, MI 48917 517.487.9207 315.404.1594 (cell) ________________________________________________________________________ "If you truly believe, then you will find a way to achieve" "When the window of opportunity closes on you, simply go through the door." "What the mind believes, the body achieves!" ~unknown From michael.wright at janusresearch.com Tue Mar 22 10:19:11 2005 From: michael.wright at janusresearch.com (Michael F. Wright) Date: Tue, 22 Mar 2005 10:19:11 -0500 Subject: [OTR-users] (no subject) Message-ID: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> Hello! I've been using OTR and GAIM for some time with great success. However, when attempting to use the OTR proxy with the AIM protocol under Trillian, it fails. 
I installed the binary for Win32 located at: http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe One thing I noticed that's different behavior than is expected from the README is that, when I start otrproxy, there is no output whatsoever. The output in the README that contains the copyright statement, version, etc. does not appear until after I CLOSE the UI for otrproxy, which kills the process. When I start it up and try to connect to AIM via Trillian, it never does connect. I have tried both the SOCKS5 and the HTTP proxies on ports 1080 and 8080 respectively. Interestingly enough, when I run netstat after starting otrproxy, I do see my system listening on those ports. Any thoughts? From batshua at rm-f.net Tue Mar 22 10:42:22 2005 From: batshua at rm-f.net (Batshua) Date: Tue, 22 Mar 2005 10:42:22 -0500 Subject: [OTR-users] Okay, it's all working now. Sort of. Message-ID: Is it acceptable for me to ask for help testing OTR proxy here? [If not, just disregard this email and accept my humblest apologies.] iChat seems to be working fine. I've got AIM, iChat, and ICQ and at least for now going to test just iChat a bit further and experiment with ICQ. AIM is being too testy today. Batshua From ian at cypherpunks.ca Tue Mar 22 10:42:17 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue, 22 Mar 2005 10:42:17 -0500 Subject: [OTR-users] (no subject) In-Reply-To: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> References: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> Message-ID: <20050322154217.GR26798@smtp.paip.net> On Tue, Mar 22, 2005 at 10:19:11AM -0500, Michael F. Wright wrote: > Hello! > > I've been using OTR and GAIM for some time with great success. However, when > attempting to use the OTR proxy with the AIM protocol under Trillian, it > fails. 
> > I installed the binary for Win32 located at: > http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe [I assume you mean the otrproxy.exe, not the gaim-otr.exe.] > One thing I noticed that's different behavior than is expected from the > README is that, when I start otrproxy, there is no output whatsoever. The > output in the README that contains the copyright statement, version, etc. > does not appear until after I CLOSE the UI for otrproxy, which kills the > process. Aha! We had gotten another report of "no output on Win32", but this report of "doesn't show up until the UI closes" suggests that Win32 needs fflush(stdout) more than other platforms. We'll fix this in CVS. Thanks! > When I start it up and try to connect to AIM via Trillian, it never > does connect. I have tried both the SOCKS5 and the HTTP proxies on ports > 1080 and 8080 respectively. > > Interestingly enough, when I run netstat after starting otrproxy, I do see > my system listening on those ports. > > Any thoughts? We've also had other reports of this happening (intermittently; you should try again later) with Trillian. It turns out there's about to be non-trivial changes to the networking bits of the proxy, so we'll make sure to well-instrument them, so that we can figure out what's going on. One theory is that, on occasion, the AIM server just takes too long to respond, and the TCP connect times out. Somehow this isn't being reported back to Trillian (the SOCKS5 connection should close if this happens), and Trillian never retries it (which it does in the direct-connect case). Thanks again for the bug reports! - Ian From kat at paip.net Tue Mar 22 10:53:10 2005 From: kat at paip.net (Kat Hanna) Date: Tue, 22 Mar 2005 10:53:10 -0500 (EST) Subject: [OTR-users] Okay, it's all working now. Sort of. In-Reply-To: References: Message-ID: On Tue, 22 Mar 2005, Batshua wrote: > Is it acceptable for me to ask for help testing OTR proxy here? Sure. 
You might mention your username(s), or, if you prefer, ask for private email replies to exchange that information. > [If not, just disregard this email and accept my humblest apologies.] > > iChat seems to be working fine. I've got AIM, iChat, and ICQ and at > least for now going to test just iChat a bit further and experiment > with ICQ. AIM is being too testy today. -Kat From michael.wright at janusresearch.com Tue Mar 22 11:10:02 2005 From: michael.wright at janusresearch.com (Michael F. Wright) Date: Tue, 22 Mar 2005 11:10:02 -0500 Subject: [OTR-users] (no subject) In-Reply-To: <20050322154217.GR26798@smtp.paip.net> Message-ID: <200503221613.j2MGDm3S005609@ded412-lin-175-12.netsonic.net> > -----Original Message----- > From: Ian Goldberg [mailto:ian at cypherpunks.ca] > Sent: Tuesday, March 22, 2005 10:42 AM > To: michael.wright at janusresearch.com > Cc: otr-users at lists.cypherpunks.ca > Subject: Re: [OTR-users] (no subject) > > On Tue, Mar 22, 2005 at 10:19:11AM -0500, Michael F. Wright wrote: > > Hello! > > > > I've been using OTR and GAIM for some time with great success. > > However, when attempting to use the OTR proxy with the AIM protocol > > under Trillian, it fails. > > > > I installed the binary for Win32 located at: > > http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe > > [I assume you mean the otrproxy.exe, not the gaim-otr.exe.] Yes. I apologize for this oversight. I was in a hurry when I posted. The link I downloaded is at: http://www.cypherpunks.ca/otr/binaries/windows/otrproxy-0.2.0-2.exe :) > > > One thing I noticed that's different behavior than is expected from > > the README is that, when I start otrproxy, there is no output > > whatsoever. The output in the README that contains the > copyright statement, version, etc. > > does not appear until after I CLOSE the UI for otrproxy, > which kills > > the process. > > Aha! 
We had gotten another report of "no output on Win32", > but this report of "doesn't show up until the UI closes" > suggests that Win32 needs fflush(stdout) more than other > platforms. We'll fix this in CVS. > > Thanks! No problem. > > > When I start it up and try to connect to AIM via Trillian, it never > > does connect. I have tried both the SOCKS5 and the HTTP proxies on > > ports 1080 and 8080 respectively. > > > > Interestingly enough, when I run netstat after starting > otrproxy, I do > > see my system listening on those ports. > > > > Any thoughts? > > We've also had other reports of this happening > (intermittently; you should try again later) with Trillian. > It turns out there's about to be non-trivial changes to the > networking bits of the proxy, so we'll make sure to > well-instrument them, so that we can figure out what's going on. > > One theory is that, on occasion, the AIM server just takes > too long to respond, and the TCP connect times out. Somehow > this isn't being reported back to Trillian (the SOCKS5 > connection should close if this happens), and Trillian never > retries it (which it does in the direct-connect case). > > Thanks again for the bug reports! I've used an ssh proxy in the past to circumvent firewalls and the like. By setting up a dynamic port-forwarding ssh tunnel, I've successfully connected to AIM through a SOCKS4 proxy, which the ssh tunnel builds. So, I know that other proxies work in a timely fashion from this PC. If you need any other info from me, let me know! I'm looking forward to more great code from the OTR team! > > - Ian > From paul at cypherpunks.ca Tue Mar 22 18:33:53 2005 From: paul at cypherpunks.ca (Paul Wouters) Date: Wed, 23 Mar 2005 00:33:53 +0100 (CET) Subject: [OTR-users] gaim-otr plugin In-Reply-To: <20050321214810.22263.qmail@web40826.mail.yahoo.com> Message-ID: On Mon, 21 Mar 2005, Ryan R. Matt wrote: > I owe you guys an apology for wasting your time. 
I > looked back on my commands and I configured the > library with the wrong prefix directory. Did you try using the src.rpm? I was curious whether the source rpm would build usable gaim-otr rpms on Mandrake. Paul From aldert at rotz.org Wed Mar 23 14:53:02 2005 From: aldert at rotz.org (Aldert J.B.P. Hazenberg) Date: Wed, 23 Mar 2005 20:53:02 +0100 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) Message-ID: <4241C91E.7080905@rotz.org> Hi Guys, I installed today AdiumX (for OSX) to test some OTR stuff and in one go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! AdiumX is the 'gaim for osx' I would say :) Perfect ! As I now have AdiumX I also needed to install OTR-proxy and I realized that OTR-proxy only supports the usage of aim/icq in AdiumX, as I like to also OTR with my jabber enabled friends : - Any schedule for when OTR-proxy will support Jabber ? - And, more long term maybe, support for all non aim/icq IM protocols ? - I also noticed that the 0.8 version of Adium will support OTR out of the box and I also wondered when this 0.8 version is due but that is better a question for the AdiumX forum I guess :) I ask this as here as it would be totally great if the behaviour for setting OTR options per 'user' would be the same in Gaim and AdiumX... Aldert. ps, OTR : http://www.cypherpunks.ca/otr/ AdiumX : http://www.adiumx.com/ Gaim : http://gaim.sourceforge.net/ From dcarrera at math.umd.edu Wed Mar 23 16:16:11 2005 From: dcarrera at math.umd.edu (Daniel Carrera) Date: Wed, 23 Mar 2005 16:16:11 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <4241C91E.7080905@rotz.org> References: <4241C91E.7080905@rotz.org> Message-ID: <20050323211611.GP6023@math.umd.edu> Hello Aldert, You could install the AdiumX beta and start using Jabber+OTR today. 
Right here: http://www.adiumx.com/beta.html I talked to one of the AdiumX developers and he says that OTR should work fine with this beta. I would be happy to help you test this. My Jabber ID is 'dcarrera at jabber.org' In turn, I would be grateful if you could write simple instructions on how to use OTR in AdiumX. I have a friend who wants to use AdiumX to talk to me with Jabber and OTR, and I'll see him later today. But I don't know how Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were thinking of trying OTR later today. So, if you could write instructions for that last part, I would be very grateful. Cheers, Daniel. On Wed, Mar 23, 2005 at 08:53:02PM +0100, Aldert J.B.P. Hazenberg wrote: > > Hi Guys, > > I installed today AdiumX (for OSX) to test some OTR stuff and in one > go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! > AdiumX is the 'gaim for osx' I would say :) Perfect ! > > As I now have AdiumX I also needed to install OTR-proxy and I realized > that OTR-proxy only supports the usage of aim/icq in AdiumX, as I like > to also OTR with my jabber enabled friends : > > - Any schedule for when OTR-proxy will support Jabber ? > > - And, more long term maybe, support for all non aim/icq IM protocols ? > > - I also noticed that the 0.8 version of Adium will support OTR out of > the box and I also wondered when this 0.8 version is due but that is > better a question for the AdiumX forum I guess :) > > I ask this as here as it would be totally great if the behaviour for > setting OTR options per 'user' would be the same in Gaim and AdiumX... > > Aldert. > > ps, OTR : http://www.cypherpunks.ca/otr/ > AdiumX : http://www.adiumx.com/ > Gaim : http://gaim.sourceforge.net/ > > > > > > > > > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! 
| I want it Tuesday. http://oooauthors.org | From ian at cypherpunks.ca Wed Mar 23 16:22:09 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Wed, 23 Mar 2005 16:22:09 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323211611.GP6023@math.umd.edu> References: <4241C91E.7080905@rotz.org> <20050323211611.GP6023@math.umd.edu> Message-ID: <20050323212209.GU26798@smtp.paip.net> On Wed, Mar 23, 2005 at 04:16:11PM -0500, Daniel Carrera wrote: > In turn, I would be grateful if you could write simple instructions on how > to use OTR in AdiumX. I have a friend who wants to use AdiumX to talk to me > with Jabber and OTR, and I'll see him later today. But I don't know how > Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were > thinking of trying OTR later today. So, if you could write instructions for > that last part, I would be very grateful. This page is quite useful: http://chris.milbert.com/AIM_Encryption/ - Ian From ian at cypherpunks.ca Wed Mar 23 16:24:20 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Wed, 23 Mar 2005 16:24:20 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <4241C91E.7080905@rotz.org> References: <4241C91E.7080905@rotz.org> Message-ID: <20050323212420.GV26798@smtp.paip.net> On Wed, Mar 23, 2005 at 08:53:02PM +0100, Aldert J.B.P. Hazenberg wrote: > I installed today AdiumX (for OSX) to test some OTR stuff and in one > go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! > AdiumX is the 'gaim for osx' I would say :) Perfect ! > > As I now have AdiumX I also needed to install OTR-proxy and I realized > that OTR-proxy only supports the usage of aim/icq in AdiumX, In fact, otrproxy only supports aim/icq at all at the moment. > as I like > to also OTR with my jabber enabled friends : > > - Any schedule for when OTR-proxy will support Jabber ? 
It's the next protocol on the list. Largely because (a) it actually has a spec, and (b) iChat's next version will apparently support it. > - And, more long term maybe, support for all non aim/icq IM protocols ? Love to. We welcome submissions of protocol implementations. ;-) - Ian From dcarrera at math.umd.edu Wed Mar 23 16:40:51 2005 From: dcarrera at math.umd.edu (Daniel Carrera) Date: Wed, 23 Mar 2005 16:40:51 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323212420.GV26798@smtp.paip.net> References: <4241C91E.7080905@rotz.org> <20050323212420.GV26798@smtp.paip.net> Message-ID: <20050323214050.GR6023@math.umd.edu> Ian Goldberg wrote: > > - Any schedule for when OTR-proxy will support Jabber ? > > It's the next protocol on the list. Largely because (a) it actually has > a spec, and (b) iChat's next version will apparently support it. And also because Jabber's so cool? :-) One thing I really like about Jabber is that it keeps your IP address private. I can use OTR to AIM someone and a third party won't know what I said. But they can still see my IP address. If I could use OTR with Jabber I would also get that extra level of anonymity. Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From kat at paip.net Wed Mar 23 17:08:53 2005 From: kat at paip.net (Kat Hanna) Date: Wed, 23 Mar 2005 17:08:53 -0500 (EST) Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323212209.GU26798@smtp.paip.net> References: <4241C91E.7080905@rotz.org> <20050323211611.GP6023@math.umd.edu> <20050323212209.GU26798@smtp.paip.net> Message-ID: On Wed, 23 Mar 2005, Ian Goldberg wrote: > On Wed, Mar 23, 2005 at 04:16:11PM -0500, Daniel Carrera wrote: > > In turn, I would be grateful if you could write simple instructions on how > > to use OTR in AdiumX. 
I have a friend who wants to use AdiumX to talk to me > > with Jabber and OTR, and I'll see him later today. But I don't know how > > Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were > > thinking of trying OTR later today. So, if you could write instructions for > > that last part, I would be very grateful. > > This page is quite useful: > > http://chris.milbert.com/AIM_Encryption/ I've added a link to this on the OTR page. If anyone wants to put together detailed install instructions with screenshots for gaim-otr and/or the proxy on Windows or Linux, send 'em along and I'll put them up. -Kat From bean62 at hotmail.com Thu Mar 24 10:39:40 2005 From: bean62 at hotmail.com (ben k) Date: Thu, 24 Mar 2005 10:39:40 -0500 Subject: [OTR-users] OTR : session setup messages, issue. Message-ID: I'm new to OTR and new to this list. First, thanks for a great plugin. I use Gaim 1.2.0 on Win XP Pro. I encouraged many folks from my office to use your plugin so that the admin folks can't track what's being said all day long, and I think the plugin is great. The issue I'm having is minor, in that it only happens during the setup of a session with someone and goes away after the private session is established, but I wanted to see if I have something setup incorrectly, etc. When I first sent a message this morning to someone, the OTR: status was Not Private (hadn't yet established...). I didn't click on the button, I just sent a message. Here's what happened: (10:34:56) MY_ID: test (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was expecting encrypted messages from you. (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who was expecting encrypted messages from you. (10:34:57) PERSON_X: ?OTR: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. The last message is really what I'm concerned about. I also get that ?OTR: message when I click on the button to establish the connection. 
Any thoughts on whether or not I should do something differently? Thanks again for providing this program/plugin. And thanks in advance for any suggestions or comments. -ben From ian at cypherpunks.ca Thu Mar 24 11:03:27 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Thu, 24 Mar 2005 11:03:27 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: References: Message-ID: <20050324160327.GI26798@smtp.paip.net> On Thu, Mar 24, 2005 at 10:39:40AM -0500, ben k wrote: > I'm new to OTR and new to this list. First, thanks for a great plugin. I > use Gaim 1.2.0 on Win XP Pro. I encouraged many folks from my office to > use your plugin so that the admin folks can't track what's being said all > day long, and I think the plugin is great. > > The issue I'm having is minor, in that it only happens during the setup of > a session with someone and goes away after the private session is > established, but I wanted to see if I have something setup incorrectly, > etc. When I first sent a message this morning to someone, the OTR: status > was Not Private (hadn't yet established...). I didn't click on the button, > I just sent a message. Here's what happened: > > (10:34:56) MY_ID: test > (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was > expecting encrypted messages from you. > (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who > was expecting encrypted messages from you. > (10:34:57) PERSON_X: > ?OTR: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. > > > The last message is really what I'm concerned about. I also get that ?OTR: > message when I click on the button to establish the connection. Any > thoughts on whether or not I should do something differently? 
> > Thanks again for providing this program/plugin. And thanks in advance for > any suggestions or comments. You seem to be seeing protocol messages that are received by the plugin, even though the plugin marks them as "don't display this message to the user". > (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was > expecting encrypted messages from you. > (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who > was expecting encrypted messages from you. The first message was output by the OTR plugin. The second is the raw protocol message, which you're for some reason seeing, when you shouldn't be. Similarly, when your plugin received the OTR error message, it sent a Key Exchange message to PERSON_X. His client replied with a Key Exchange message (with the Reply bit set to 1, which it is in the above message). Your client accepted the Key Exchange Message, but *also* displayed it. I'm wondering if this is a bug in gaim 1.2.0. Could you possibly temporarily downgrade to 1.1.4 and see if it still happens? [Is anyone else on this list running gaim-otr with gaim 1.2.0?] Are you running any other gaim plugins that might be interacting with message delivery/display? Thanks, - Ian From bean62 at hotmail.com Thu Mar 24 11:25:51 2005 From: bean62 at hotmail.com (ben k) Date: Thu, 24 Mar 2005 11:25:51 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: <20050324160327.GI26798@smtp.paip.net> Message-ID: >Are you running any other gaim plugins that might be interacting with >message delivery/display? That was the issue. Thanks for your prompt response. After reading this, I noticed I still had the gaim-encryption plugin enabled. I disabled it, shutdown-and-restarted gaim, and tried again and OTR worked perfectly. The gaim-encryption plugin was interfering, I suppose. Thanks again, working perfectly now. 
-ben From ian at cypherpunks.ca Thu Mar 24 15:33:18 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Thu, 24 Mar 2005 15:33:18 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: References: <20050324160327.GI26798@smtp.paip.net> Message-ID: <20050324203318.GJ26798@smtp.paip.net> On Thu, Mar 24, 2005 at 11:25:51AM -0500, ben k wrote: > > >Are you running any other gaim plugins that might be interacting with > >message delivery/display? > > That was the issue. Thanks for your prompt response. After reading this, > I noticed I still had the gaim-encryption plugin enabled. I disabled it, > shutdown-and-restarted gaim, and tried again and OTR worked perfectly. The > gaim-encryption plugin was interfering, I suppose. > > Thanks again, working perfectly now. It's a fair cop, though; you shouldn't have seen that message. I've checked in a fix for the next version. Here's the ChangeLog entry: * otr-plugin.c (process_receiving_im): If libotr tells us to ignore this received message (because it's an internal protocol message), it's not enough just to return 1 from this function, since other plugins that catch receiving-im-msg may later return 0, and gaim only checks the return value from the last such plugin. So we additionally set the message to NULL. That's unexpected behaviour from gaim, if you ask me, but it was easy enough to work around. gaim-otr 2.0.2 will not display the internal protocol messages just because you've got another plugin running. Thanks for the detailed bug report! - Ian From adam_zimmerman at ezrs.com Thu Mar 24 18:57:49 2005 From: adam_zimmerman at ezrs.com (Adam Zimmerman) Date: Thu, 24 Mar 2005 15:57:49 -0800 Subject: [OTR-users] Need someone to test OTR with for screenshots Message-ID: <1111708669.6212.7.camel@localhost> Hi all. 
First of all of course, many thanks to the developers for an awesome plugin. In response to Kat's request, I'm doing an install and setup guide for gaim-otr on debian. I've gotten all the screenshots I need, except one, of an actual conversation with the OTR: Private button. If someone would be so kind as to IM me and help me test OTR and get my last screenshot too, I'd be very grateful. I'm climbingsfun (Fingerprint: D5C0A99C 41618EAA 4135CA75 98B23A3B CA1BD1CA) on AIM. Thanks. -- Adam Zimmerman CREATIVITY - http://tinyurl.com/3oxgw ALWAYS - http://randomfoo.net/oscon/2002/lessig/ BUILDS - http://www.theopencd.org/ ON THE PAST - http://free-culture.org/freecontent/ -- Modesty is a vastly overrated virtue. -- J.K. Galbraith From aldert at rotz.org Thu Mar 24 19:13:00 2005 From: aldert at rotz.org (Aldert J.B.P. Hazenberg) Date: Fri, 25 Mar 2005 01:13:00 +0100 Subject: [OTR-users] Need someone to test OTR with for screenshots In-Reply-To: <1111708669.6212.7.camel@localhost> References: <1111708669.6212.7.camel@localhost> Message-ID: <4243578C.4040204@rotz.org> Adam Zimmerman wrote: > except one, of an actual conversation with the OTR: Private button. If > someone would be so kind as to IM me and help me test OTR and get my > last screenshot too, I'd be very grateful. > Grin. I was only number three to ping Adam. :) :) :) Aldert. From jedhassell at gmail.com Mon Mar 28 00:52:14 2005 From: jedhassell at gmail.com (Jed Hassell) Date: Mon, 28 Mar 2005 00:52:14 -0500 Subject: [OTR-users] Ignored Messages Message-ID: I'm a student at the University of Georgia and I'm currently working on a project for one of my classes which requires me to be able to send messages through the AOL network which will be ignored by all clients except for the one that I am implementing. I am assuming that there is a way to do this since programs like gaim and trillian send messages back and forth that are ignored by outside clients (encryption setup). 
Does anyone on this mailing list have any idea how to do this? I am using java 5.0 and am altering the simpleaim program found on sourceforge. Thanks in advance for the help. Jed From jcohen07 at brandeis.edu Mon Mar 28 02:48:39 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 02:48:39 -0500 Subject: [OTR-users] Is there any way to increase key sizes or a plan to include this feature? Message-ID: <4247B6D7.3010903@brandeis.edu> 1024 bit DH & DSA keys are of questionable strength. It is quite possible that over the next 5-10 years a realistic attack against such keys will become possible. Although OTR provides perfect forward security, it can't prevent a brute force attack. Is there a way to increase the size of the DH parameter to 2048 bits or to use a 2048 bit RSA signature key? From jcohen07 at brandeis.edu Mon Mar 28 04:16:53 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:16:53 -0500 Subject: [OTR-users] DH modulus size & RSA keys Message-ID: <4247CB85.3040506@brandeis.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Upon reading the Protocol Description paper I found I was incorrect about the DH modulus size (It's 1536 bits rather than 1000). However, I would still like to use a 2048 bit modulus which is the currently recommended size. Is this possible? I also saw a great deal of discussion on the developer's mailing list about allowing the use of RSA signing keys in addition to DSS. Are RSA signing keys currently allowed? If so, how would I go about increasing the size to 2048 bits? 
Jason -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) -----END PGP SIGNATURE----- From jcohen07 at brandeis.edu Mon Mar 28 04:18:19 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:18:19 -0500 Subject: [OTR-users] DH modulus size & RSA keys Message-ID: <4247CBDB.6090906@brandeis.edu> Upon reading the Protocol Description paper I found I was incorrect about the DH modulus size (It's 1536 bits rather than 1000). However, I would still like to use a 2048 bit modulus which is the currently recommended size. Is this possible? I also saw a great deal of discussion on the developer's mailing list about allowing the use of RSA signing keys in addition to DSS. Are RSA signing keys currently allowed? If so, how would I go about increasing the size to 2048 bits? Jason From jcohen07 at brandeis.edu Mon Mar 28 04:18:46 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:18:46 -0500 Subject: [OTR-users] Where are the OTR-Private and OTR-Not Private buttons stored? Message-ID: <4247CBF6.3040102@brandeis.edu> I would like to replace the default text "OTR-Private" and "OTR-Not Private" buttons with something that more clearly shows the status of the connection. 
Gaim-Encrypt's button shows a red lock icon for encrypted communications and an unlocked grey icon for unencrypted conversations (or a green unlocked icon if encryption is available but not used). I was thinking of replicating this for OTR but instead of using Tx;Secure and Rx:secure I would simply have the text say "OTR:Secure" and "OTR:Insecure". However, I can't seem to find the location of OTR's button? Anyone know where I can find it, or the name of the file so I can search for it? Here's a screenshot of what the gaim-encrypt icons look like: http://gaim-encryption.sourceforge.net/conversation.html Jason From ian at cypherpunks.ca Mon Mar 28 08:53:47 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:53:47 -0500 Subject: [OTR-users] Where are the OTR-Private and OTR-Not Private buttons stored? In-Reply-To: <4247CBF6.3040102@brandeis.edu> References: <4247CBF6.3040102@brandeis.edu> Message-ID: <20050328135347.GC30200@smtp.paip.net> On Mon, Mar 28, 2005 at 04:18:46AM -0500, Jason Cohen wrote: > I would like to replace the default text "OTR-Private" and "OTR-Not > Private" buttons with something that more clearly shows the status of > the connection. Gaim-Encrypt's button shows a red lock icon for > encrypted communications and an unlocked grey icon for unencrypted > conversations (or a green unlocked icon if encryption is available but > not used). I was thinking of replicating this for OTR but instead of > using Tx;Secure and Rx:secure I would simply have the text say > "OTR:Secure" and "OTR:Insecure". However, I can't seem to find the > location of OTR's button? Anyone know where I can find it, or the name > of the file so I can search for it? > > Here's a screenshot of what the gaim-encrypt icons look like: > http://gaim-encryption.sourceforge.net/conversation.html The button is constructed in gtk-dialog.c (dialog_update_label_conv).
The "icon" idea is actually on our todo list; I would personally prefer something more akin to whispering vs. shouting than a lock (since OTR provides private, not just encrypted, conversations), but I certainly don't have the art-fu to draw those. [But for the same reason, the text should say "Private", not "Secure".] - Ian From ian at cypherpunks.ca Mon Mar 28 08:56:34 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:56:34 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <4247CBDB.6090906@brandeis.edu> References: <4247CBDB.6090906@brandeis.edu> Message-ID: <20050328135634.GD30200@smtp.paip.net> On Mon, Mar 28, 2005 at 04:18:19AM -0500, Jason Cohen wrote: > Upon reading the Protocol Description paper I found I was incorrect > about the DH modulus size (It's 1536 bits rather than 1000). However, I > would still like to use a 2048 bit modulus which is the currently > recommended size. Is this possible? > > I also saw a great deal of discussion on the developer's mailing list > about allowing the use of RSA signing keys in addition to DSS. Are RSA > signing keys currently allowed? If so, how would I go about increasing > the size to 2048 bits? In this version of the protocol, the only key exchange method defined is DSA, and the only key agreement is 1536-bit DH. This may change in a later version, at the cost of incompatibility with clients that don't understand it. 
- Ian From ian at cypherpunks.ca Mon Mar 28 08:59:29 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:59:29 -0500 Subject: [OTR-users] Ignored Messages In-Reply-To: References: Message-ID: <20050328135929.GE30200@smtp.paip.net> On Mon, Mar 28, 2005 at 12:52:14AM -0500, Jed Hassell wrote: > I'm a student at the University of Georgia and I'm currently working > on a project for one of my classes which requires me to be able to > send messages through the AOL network which will be ignored by all > clients except for the one that I am implementing. I am assuming that > there is a way to do this since programs like gaim and trillian send > messages back and forth that are ignored by outside clients > (encryption setup). Does anyone on this mailing list have any idea how > to do this? I am using java 5.0 and am altering the simpleaim program > found on sourceforge. Thanks in advance for the help. OTR doesn't actually do this; rather than sending messages that will be ignored by clients that don't speak OTR, it first detects whether the other client speaks OTR, and if so, only then sends the message. As far as I understand, Trillian's encryption does the same thing; I don't know of a way to do what you want. - Ian From ian at cypherpunks.ca Mon Mar 28 11:32:38 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 11:32:38 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <20050328135634.GD30200@smtp.paip.net> References: <4247CBDB.6090906@brandeis.edu> <20050328135634.GD30200@smtp.paip.net> Message-ID: <20050328163238.GF30200@smtp.paip.net> On Mon, Mar 28, 2005 at 08:56:34AM -0500, Ian Goldberg wrote: > On Mon, Mar 28, 2005 at 04:18:19AM -0500, Jason Cohen wrote: > > Upon reading the Protocol Description paper I found I was incorrect > > about the DH modulus size (It's 1536 bits rather than 1000). However, I > > would still like to use a 2048 bit modulus which is the currently > > recommended size.
Is this possible? > > > > I also saw a great deal of discussion on the developer's mailing list > > about allowing the use of RSA signing keys in addition to DSS. Are RSA > > signing keys currently allowed? If so, how would I go about increasing > > the size to 2048 bits? > > In this version of the protocol, the only key exchange method defined is > DSA, and the only key agreement is 1536-bit DH. This may change in a > later version, at the cost of incompatibility with clients that don't > understand it. I'd also like to note a couple of things: - The keysize of the authentication step only has to make it secure until after your buddy receives the message; after he's accepted your initial DH key, you don't care what happens in the future. DSA is plenty fine for this today. - The keysize of the DH only has to be large enough that you're comfortable with the adversary having to break a DH key agreement *per message*, since (approximately) each message you send is encrypted with a new key, derived from a fresh DH key agreement. [And, although it's small comfort, even if, in 20 years, pocket calculators can break 1536-bit DH in real time, you _still_ get the deniability properties; the transcripts are completely forgeable, so they'll need to be convinced your stored transcripts haven't been messed with over the decades.] - Ian From jcohen07 at brandeis.edu Mon Mar 28 12:35:34 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 12:35:34 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <20050328163238.GF30200@smtp.paip.net> References: <4247CBDB.6090906@brandeis.edu> <20050328135634.GD30200@smtp.paip.net> <20050328163238.GF30200@smtp.paip.net> Message-ID: <42484066.1090806@brandeis.edu> An HTML attachment was scrubbed... 
URL: From jcohen07 at brandeis.edu Mon Mar 28 13:59:41 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 13:59:41 -0500 Subject: [OTR-users] Perfect Forward Security Message-ID: <4248541D.6060409@brandeis.edu> Quoting: The keysize of the DH only has to be large enough that you're comfortable with the adversary having to break a DH key agreement *per message*, since (approximately) each message you send is encrypted with a new key, derived from a fresh DH key agreement. If an adversary steals your private key and can break one message, don't they have all the needed information to decrypt the next message? They have the key used to encrypt the next message as well as the private "x" value. I'm probably just confused. I would appreciate it if someone could clarify this for me. Jason From ian at cypherpunks.ca Mon Mar 28 14:20:08 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 14:20:08 -0500 Subject: [OTR-users] Perfect Forward Secrecy In-Reply-To: <4248541D.6060409@brandeis.edu> References: <4248541D.6060409@brandeis.edu> Message-ID: <20050328192008.GH30200@smtp.paip.net> [It's "perfect forward secrecy", not "p.f. security".] On Mon, Mar 28, 2005 at 01:59:41PM -0500, Jason Cohen wrote: > Quoting: > > The keysize of the DH only has to be large enough that you're > comfortable with the adversary having to break a DH key agreement *per > message*, since (approximately) each message you send is encrypted > with a new key, derived from a fresh DH key agreement. > > If an adversary steals your private key and can break one message, > don't they have all the needed information to decrypt the next > message? They have the key used to encrypt the next message as well as > the private "x" value. I'm probably just confused. I would appreciate > it if someone could clarify this for me. 
No; if you break DH to find the private key associated with the public key used to encrypt message number 1, that doesn't give you the private key associated with the public key used to encrypt message number 2. Each message (approximately) uses a brand-new DH private/public key pair. You have to break DH all over again to get that second private key, and so on. Knowing the DSA private key also has no effect on this result. I'm not sure that was clear enough. Let me know if there's something you still don't understand. - Ian From jcohen07 at brandeis.edu Mon Mar 28 14:54:00 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 14:54:00 -0500 Subject: [OTR-users] Perfect Forward Security Message-ID: <424860D8.1090002@brandeis.edu> I actually knew it was "Perfect Forward Security" but mistakenly typed "Secrecy". Anyways, thanks for the clarification. I also read your "Off-the-Record Messaging or, when not to use PGP" power point presentation for the Black Hat Briefings and it was quite helpful. Jason From ian at cypherpunks.ca Mon Mar 28 15:30:13 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 15:30:13 -0500 Subject: [OTR-users] Perfect Forward Security In-Reply-To: <424860D8.1090002@brandeis.edu> References: <424860D8.1090002@brandeis.edu> Message-ID: <20050328203013.GJ30200@smtp.paip.net> On Mon, Mar 28, 2005 at 02:54:00PM -0500, Jason Cohen wrote: > I actually knew it was "Perfect Forward Security" but mistakenly typed > "Secrecy". No, no. It *is* "perfect forward secrecy". You originally mistyped "security", and I corrected the subject line. ;-) > Anyways, thanks for the clarification. I also read your > "Off-the-Record Messaging or, when not to use PGP" power point > presentation for the Black Hat Briefings and it was quite helpful. No problem. 
- Ian From morty at gmx.net Mon Mar 28 15:06:37 2005 From: morty at gmx.net (Moritz 'Morty' Strübe) Date: Mon, 28 Mar 2005 22:06:37 +0200 Subject: [OTR-users] Perfect Forward Secrecy In-Reply-To: <20050328192008.GH30200@smtp.paip.net> References: <4248541D.6060409@brandeis.edu> <20050328192008.GH30200@smtp.paip.net> Message-ID: <424863CD.6080608@gmx.net> Ian Goldberg wrote: >[It's "perfect forward secrecy", not "p.f. security".] > >On Mon, Mar 28, 2005 at 01:59:41PM -0500, Jason Cohen wrote: > >>Quoting: >> >>The keysize of the DH only has to be large enough that you're >> comfortable with the adversary having to break a DH key agreement *per >> message*, since (approximately) each message you send is encrypted >> with a new key, derived from a fresh DH key agreement. >> >>If an adversary steals your private key and can break one message, >>don't they have all the needed information to decrypt the next >>message? They have the key used to encrypt the next message as well as >>the private "x" value. I'm probably just confused. I would appreciate >>it if someone could clarify this for me. > >No; if you break DH to find the private key associated with the public >key used to encrypt message number 1, that doesn't give you the private >key associated with the public key used to encrypt message number 2. >Each message (approximately) uses a brand-new DH private/public key >pair. You have to break DH all over again to get that second private >key, and so on. Knowing the DSA private key also has no effect on this >result. > >I'm not sure that was clear enough. Let me know if there's something >you still don't understand. > > - Ian Maybe I can make it a bit more clear. You have a public and a private key. You encrypt with the public key and decrypt with the private key.
If you only have the pub key, you can't decode the message. If you calculate the 1st private key (which takes lots of time) all you get is the 1st message and the second public key. Now you have to calculate the second private key (which takes a lot of time again) to decode the second message and get the third public key, and so on. As you "forget" your private key as soon as you don't need it any more there is no way to get it other than to calculate the private key from the public key, which as already mentioned takes lots of time. Hope this makes things a bit more clear. morty -- This email is signed. If you receive an unsigned mail from me and have the feeling that it does not come from me, that is probably the case. If your email client does not support signatures, an smime.p7s file is shown as an attachment. Get Firefox! - Download the best browser now in version 1.0.1, in German! From jedhassell at gmail.com Mon Mar 28 17:35:17 2005 From: jedhassell at gmail.com (Jed Hassell) Date: Mon, 28 Mar 2005 17:35:17 -0500 Subject: [OTR-users] Re: Ignored Messages Message-ID: How does OTR detect whether the other client speaks OTR? This would be of great help. Currently I'm trying to figure out how to use the toc_rvous_propose and toc_rvous_accept methods but there just isn't enough documentation on these methods to prove worthwhile.
If you could explain how OTR detects if other clients are capable of understanding OTR messages, I could work this into my own implementation and just forget about the ignored messages. Thanks On Mon, Mar 28, 2005 at 12:52:14AM -0500, Jed Hassell wrote: > I'm a student at the University of Georgia and I'm currently working > on a project for one of my classes which requires me to be able to > send messages through the AOL network which will be ignored by all > clients except for the one that I am implementing. I am assuming that > there is a way to do this since programs like gaim and trillian send > messages back and forth that are ignored by outside clients > (encryption setup). Does anyone on this mailing list have any idea how > to do this? I am using java 5.0 and am altering the simpleaim program > found on sourceforge. Thanks in advance for the help. OTR doesn't actually do this; rather than sending messages that will be ignored by clients that don't speak OTR, it first detects whether the other client speaks OTR, and if so, only then sends the message. As far as I understand, Trillian's encryption does the same thing; I don't know of a way to do what you want. - Ian From dcarrera at math.umd.edu Mon Mar 28 17:40:19 2005 From: dcarrera at math.umd.edu (Daniel Carrera) Date: Mon, 28 Mar 2005 17:40:19 -0500 Subject: [OTR-users] Perfect Forward Security In-Reply-To: <424860D8.1090002@brandeis.edu> References: <424860D8.1090002@brandeis.edu> Message-ID: <20050328224018.GC2798@math.umd.edu> I strongly recommend you read the paper also. It's short, very readable, and much more informative than the slides. After reading it, I just loved OTR. The system is really a clever use of well established algorithms to do something new. Cheers, Daniel. On Mon, Mar 28, 2005 at 02:54:00PM -0500, Jason Cohen wrote: > I actually knew it was "Perfect Forward Security" but mistakenly typed > "Secrecy". Anyways, thanks for the clarification.
I also read your > "Off-the-Record Messaging or, when not to use PGP" power point > presentation for the Black Hat Briefings and it was quite helpful. > > Jason > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From ian at cypherpunks.ca Mon Mar 28 17:55:24 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 17:55:24 -0500 Subject: [OTR-users] Re: Ignored Messages In-Reply-To: References: Message-ID: <20050328225524.GK30200@smtp.paip.net> On Mon, Mar 28, 2005 at 05:35:17PM -0500, Jed Hassell wrote: > How does OTR detect whether the other client speaks OTR? This would > be of great help. Currently I'm trying to figure out how to use the > toc_rvous_propose and toc_rvous_accept methods but there just isn't > enough documentation on these methods to prove worthwhile. If you > could explain how OTR detects if other clients are capable of > understanding OTR messages, I could work this into my own > implementation and just forget about the ignored messages. [I don't know what toc_rvous_propose and toc_rvous_accept are.] There are two ways OTR uses: 1. If an OTR-enabled client sees any OTR protocol message coming from a buddy, it assumes the buddy can speak OTR. 2. If an OTR-enabled client sees a special whitespace pattern in a message coming from a buddy, it assumes the buddy can speak OTR. If your client is in the so-called "opportunistic" mode, it will append the whitespace pattern to the first message it sends to any buddy. If they're OTR-enabled, they'll recognize it and start an OTR session. Trillian uses a different method for its SecureIM protocol: 3. The AIM/ICQ network allows clients to publish lists of "capabilities". SecureIM is one of those capabilities; any client can tell if yours supports SecureIM. 
- Ian From jcohen07 at brandeis.edu Mon Mar 28 18:47:59 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 18:47:59 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy Message-ID: <424897AF.7080806@brandeis.edu> I actually have read the paper, and OTR does indeed seem very clever. I suppose my problem is that I don't fully understand how Diffie Hellman Agreement can do what it does. I can understand RSA/DSA which creates a public/private keypair on one machine and then distributes the public key (I understand how PGP works), but the concept of realtime key generation over an insecure network is baffling. I suppose it would be nice if I could better understand the math involved. Could someone explain how Diffie Hellman works to a social-science undergraduate? It would be greatly appreciated. Jason From ian at cypherpunks.ca Mon Mar 28 19:18:18 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 19:18:18 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <424897AF.7080806@brandeis.edu> References: <424897AF.7080806@brandeis.edu> Message-ID: <20050329001818.GL30200@smtp.paip.net> On Mon, Mar 28, 2005 at 06:47:59PM -0500, Jason Cohen wrote: > I actually have read the paper, and OTR does indeed seem very clever. I > suppose my problem is that I don't fully understand how Diffie Hellman > Agreement can do what it does. I can understand RSA/DSA which creates a > public/private keypair on one machine and then distributes the public > key (I understand how PGP works), but the concept of realtime key > generation over an insecure network is baffling. I suppose it would be > nice if I could better understand the math involved. Could someone > explain how Diffie Hellman works to a social-science undergraduate? It > would be greatly appreciated. [Since you indicate you know how PGP works, I'll also include the math bits, in brackets.] 
DH works in almost the same way, except *both* Alice and Bob need a public/private keypair. Alice sends her public key to Bob, and Bob sends his to Alice. [Math bits: Alice's private key is "a", and her public key is "A" = "g^a mod p", where g and p are specified in advance (in the OTR spec in this case, which uses the standard ones from IPSec). Similarly, Bob's private key is "b", and his public key is "B" = "g^b mod p".] Alice then knows Bob's public key "B", as well as her own private key "a". Bob knows Alice's public key "A", as well as his own private key "b". Eve the eavesdropper only knows Alice and Bob's public keys, "A" and "B". Now comes the magic of Diffie-Hellman: it turns out Alice can combine her own private key with Bob's public key in such a way, so as when Bob combines his own private key with Alice's public key, they get *the same answer*. Moreover, Eve, who knows both public keys, but neither private key, has no (known) way of calculating this answer. [Math bits: Alice calculates "B^a mod p", and Bob calculates "A^b mod p". Note that: B^a mod p = (g^b mod p)^a mod p = g^(ba) mod p = g^(ab) mod p = (g^a mod p)^b mod p = A^b mod p ] This common value is called the Diffie-Hellman shared secret, and is used in various ways to encrypt the message. Since Alice and Bob both know it, and Eve doesn't, this is secure. In OTR, Alice and Bob change their keys *often* (as often as every message), so each message ends up being encrypted with a brand-new DH shared secret. Does that help? - Ian From jcohen07 at brandeis.edu Mon Mar 28 19:22:46 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:22:46 -0500 Subject: [OTR-users] RSA key support + Larger DH keys Message-ID: <42489FD6.2070609@brandeis.edu> Quoting Ian Goldberg >In this version of the protocol, the only key exchange method defined is > DSA, and the only key agreement is 1536-bit DH.
This may change in a > later version, at the cost of incompatibility with clients that don't > understand it. Are there plans to change the protocol to support RSA keys or larger DH keys, or is this just a hypothetical at this point? Jason From ian at cypherpunks.ca Mon Mar 28 19:32:02 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 19:32:02 -0500 Subject: [OTR-users] RSA key support + Larger DH keys In-Reply-To: <42489FD6.2070609@brandeis.edu> References: <42489FD6.2070609@brandeis.edu> Message-ID: <20050329003202.GN30200@smtp.paip.net> On Mon, Mar 28, 2005 at 07:22:46PM -0500, Jason Cohen wrote: > Quoting Ian Goldberg > > >In this version of the protocol, the only key exchange method defined is > > DSA, and the only key agreement is 1536-bit DH. This may change in a > > later version, at the cost of incompatibility with clients that don't > > understand it. > > Are there plans to change the protocol to support RSA keys or larger > DH keys, or is this just a hypothetical at this point? I don't think there's any point to using RSA encryption where DH is used now, but different DH groups may be possible. But yes, it's hypothetical at this time. There *is* a plausible reason to use RSA signatures instead of DSA in the initial key exchange, but that's also hypothetical. - Ian From adam_zimmerman at ezrs.com Mon Mar 28 19:31:10 2005 From: adam_zimmerman at ezrs.com (Adam Zimmerman) Date: Mon, 28 Mar 2005 16:31:10 -0800 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <424897AF.7080806@brandeis.edu> References: <424897AF.7080806@brandeis.edu> Message-ID: <1112056270.30491.9.camel@localhost> OK, let me try. I'm only a first year comp-sci major, so this could be horribly wrong. I don't quite understand math describing *why* it works. However, the math that allows 2 people to come up with the same key is quite simple. Alice chooses a random number a. Bob chooses b. g and p are prechosen, and can be public. 
Alice computes g^a mod p, and Bob does g^b mod p. These are their public values. Alice takes Bob's public key, and combines it with her own, by computing: (g^b)^a mod p (remember a is Alice's private key). Bob does likewise, (g^a)^b mod p. Since (x^y)^z = x^yz, Alice and Bob have both computed g^ab (mod p, which doesn't change anything), which is their shared key. Like I said, I'm not sure *why* this is secure, but there's the math for you. Hope that helped. On Mon, 2005-03-28 at 18:47 -0500, Jason Cohen wrote: > I actually have read the paper, and OTR does indeed seem very clever. I > suppose my problem is that I don't fully understand how Diffie Hellman > Agreement can do what it does. I can understand RSA/DSA which creates a > public/private keypair on one machine and then distributes the public > key (I understand how PGP works), but the concept of realtime key > generation over an insecure network is baffling. I suppose it would be > nice if I could better understand the math involved. Could someone > explain how Diffie Hellman works to a social-science undergraduate? It > would be greatly appreciated. > > Jason > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Adam Zimmerman CREATIVITY - http://tinyurl.com/3oxgw ALWAYS - http://randomfoo.net/oscon/2002/lessig/ BUILDS - http://www.theopencd.org/ ON THE PAST - http://free-culture.org/freecontent/ -- Programmers do it bit by bit. From jcohen07 at brandeis.edu Mon Mar 28 19:41:38 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:41:38 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <20050329001818.GL30200@smtp.paip.net> References: <424897AF.7080806@brandeis.edu> <20050329001818.GL30200@smtp.paip.net> Message-ID: <4248A442.90700@brandeis.edu> An HTML attachment was scrubbed... 
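The per-message rekeying Ian describes and the arithmetic Adam walks through above, as an added Python example (not part of any message in this thread and not OTR's code). It assumes a constructed 31-bit toy group (p = 2^31 - 1, g = 7) and a SHA-256 keystream as stand-ins, with hypothetical helper names; the tiny modulus lets a baby-step giant-step search play the adversary who has to break one DH agreement per message.

```python
import hashlib
import math
import secrets

# Constructed toy group so the search below finishes in well under a second.
# These are NOT OTR's parameters: the thread says OTR fixes g and a
# 1536-bit p in its spec. 7 is a primitive root modulo the prime 2^31 - 1.
P = 2**31 - 1
G = 7


def keypair(priv=None):
    """Return (private x, public g^x mod p); x is fresh unless supplied."""
    x = priv if priv is not None else 2 + secrets.randbelow(P - 3)
    return x, pow(G, x, P)


def message_key(my_priv, their_pub):
    """Hash the DH shared secret (their_pub^my_priv mod p) into a key."""
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(4, "big")).digest()


def xor_stream(key, data):
    """Toy SHA-256 counter keystream standing in for a real cipher.
    Encrypting and decrypting are the same operation."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def send(plaintext, alice_priv=None, bob_priv=None):
    """Encrypt one message under a brand-new DH key pair on each side.
    Returns only what Eve sees on the wire. The private keys go out of
    scope when this returns, i.e. they are 'forgotten'."""
    a, A = keypair(alice_priv)
    b, B = keypair(bob_priv)
    key = message_key(a, B)
    if key != message_key(b, A):      # Bob derives the same key from A and b
        raise RuntimeError("DH agreement failed")
    return {"A": A, "B": B, "ct": xor_stream(key, plaintext)}


def discrete_log(target):
    """Baby-step giant-step: x with G^x = target (mod P), about sqrt(P) work.
    Feasible only because P is a 31-bit toy modulus."""
    m = math.isqrt(P - 1) + 1
    baby = {}
    cur = 1
    for j in range(m):
        baby.setdefault(cur, j)
        cur = cur * G % P
    giant = pow(G, -m, P)             # inverse of G^m mod P (Python 3.8+)
    gamma = target
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * giant % P
    raise ValueError("no discrete log found")


def eve_break(wire):
    """Eve's cost for ONE message: one discrete log, then the key follows."""
    a = discrete_log(wire["A"])
    key = message_key(a, wire["B"])
    return key, xor_stream(key, wire["ct"])


if __name__ == "__main__":
    m1 = send(b"meet at noon")
    m2 = send(b"bring the documents")
    key1, pt1 = eve_break(m1)
    print("message 1 after one break:", pt1)
    print("key 1 tried on message 2: ", xor_stream(key1, m2["ct"]))
    print("message 2 after a second break:", eve_break(m2)[1])
```

No long-term signing key appears anywhere in the key derivation, which is why knowing the DSA private key does not help with decryption.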
URL: From jcohen07 at brandeis.edu Mon Mar 28 19:46:08 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:46:08 -0500 Subject: [OTR-users] RSA key support + Larger DH keys In-Reply-To: <20050329003202.GN30200@smtp.paip.net> References: <42489FD6.2070609@brandeis.edu> <20050329003202.GN30200@smtp.paip.net> Message-ID: <4248A550.3050304@brandeis.edu> An HTML attachment was scrubbed... URL: From jcohen07 at brandeis.edu Mon Mar 28 21:30:38 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 21:30:38 -0500 Subject: [OTR-users] gaim-otr plugin Message-ID: <4248BDCE.4050702@brandeis.edu> I also use Mandrake 10.1 so I should be able to help. After compiling and installing libotr you'll need to do the same for gaim-otr. Make sure you have gaim-devel, and compile gaim-otr. When that's done you'll need to make install as root. At least on my system, the plugin file is installed to /usr/lib/gaim/gaim-otr.so - NOT /home/user/.gaim/plugins. You can also recompile the source rpm which is what I did. Your system must be setup to rebuild rpms. As a user do this: rpm --rebuild libotr...src.rpm rpm --rebuild gaim-otr...src.rpm The rpm will be installed to /home/user/rpm/RPMS/i586/ If you want I can email you the 10.1 recompiled for gaim-otr. It's only 78 kb or so. Quoting: Ryan R. Matt Hello, I am using Mandrake 10.1 so I downloaded the source files and compiled them. I installed libotr.2.0.1 without any problems. I followed the readme's advice and downloaded and installed pkg-config 0.15 with any problems. Then I downloaded and compiled gaim-otr. So far no problem. It installs in the proper directories (/usr/lib/gaim) and I copy it to ~/.gaim and ~/.gaim/plugins as per the README file. I then opened up gaim and opened up the preferences menu and selected the plugins menu. While searching the menu I cannot find the Gaim-OTR plugin listed.
I don't know what other information to provide because I'm not really sure what the problem is, i.e., I even rebooted the system and logged in and still no luck with getting gaim to register the plugin. I have gaim-encryption right now, but my friend said that OTR was better. I have gaim-devel installed as well. My gaim version is 1.2.0. Any advice would be greatly appreciated. Thank you for your courtesies. Sincerely, Ryan From jcohen07 at brandeis.edu Mon Mar 28 23:27:35 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 23:27:35 -0500 Subject: [OTR-users] DH moduli & AES keysize Message-ID: <4248D937.4020505@brandeis.edu> Wouldn't it be quite simple to use new DH moduli? ssh-keygen actually provides a utility to create & test moduli. I created 4096 bit DH moduli (and tested all 280,000 of them in 19 hours) and replaced /etc/ssh/moduli with the new larger values. Provided OTR read moduli from a file, it should be quite simple for users to generate moduli of any size. I would think it would also be equally simple to increase the AES keysize used to 192 or 256. Jason Quoting: I don't think there's any point to using RSA encryption where DH is used now, but different DH groups may be possible. But yes, it's hypothetical at this time. There *is* a plausible reason to use RSA signatures instead of DSA in the initial key exchange, but that's also hypothetical. - Ian From ian at cypherpunks.ca Tue Mar 29 07:34:38 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue, 29 Mar 2005 07:34:38 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <4248D937.4020505@brandeis.edu> References: <4248D937.4020505@brandeis.edu> Message-ID: <20050329123438.GO30200@smtp.paip.net> On Mon, Mar 28, 2005 at 11:27:35PM -0500, Jason Cohen wrote: > Wouldn't it be quite simple to use new DH moduli? ssh-keygen actually > provides a utility to create & test moduli.
I created 4096 bit DH > moduli (and tested all 280,000 of them in 19 hours) and replaced > /etc/ssh/moduli with the new larger values. Provided OTR read moduli > from a file, it should be quite simple for users to generate moduli of > any size. I would think it would also be equally simple to increase > the AES keysize used to 192 or 256. The hard part is of course not in using a different value of p. 1536 bits was chosen so as to reduce message latency and size overhead, while providing sufficient security. Remember that you and your buddy have to use the same value of p, so if there's more than one available, you need an extra step to negotiate it, and this also opens you up to "rollback" attacks. If we're going to allow larger DH moduli, we'll almost certainly just specify the ones in RFC 3526, rather than making users generate their own, anyway. - Ian From jcohen07 at brandeis.edu Tue Mar 29 16:09:56 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Tue, 29 Mar 2005 16:09:56 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <20050329123438.GO30200@smtp.paip.net> References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> Message-ID: <4249C424.8070809@brandeis.edu> The WPES 2004 paper states that under the current protocol a person can send and receive up to 18 messages per second (36 messages total) on a 450 mhz Pentium IIII. Thus, it would seem that even on a slow machine 2048 bit DH moduli wouldn't add a great deal of latency. 450 mhz machines are also on the low end of what is generally used for desktops. Most PCs are 2-3 years old and 450 mhz processors are at least 4-5 if I remember correctly. Does anyone happen to have performance tests for 2048 or 3072 bit DH moduli. Could I test this myself? Jason >The hard part is of course not in using a different value of p. 1536 >bits was chosen so as to reduce message latency and size overhead, while >providing sufficient security. 
>Remember that you and your buddy have to
>use the same value of p, so if there's more than one available, you need
>an extra step to negotiate it, and this also opens you up to "rollback"
>attacks.
>
>If we're going to allow larger DH moduli, we'll almost certainly just
>specify the ones in RFC 3526, rather than making users generate their
>own, anyway.
>
> - Ian
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>

From joel-pub at mawhorter.org Tue Mar 29 17:16:30 2005
From: joel-pub at mawhorter.org (Joel Mawhorter)
Date: Tue, 29 Mar 2005 14:16:30 -0800
Subject: [OTR-users] DH moduli & AES keysize
In-Reply-To: <4249C424.8070809@brandeis.edu>
References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> <4249C424.8070809@brandeis.edu>
Message-ID: <20050329141630.4952e012@localhost>

On Tue, 29 Mar 2005 16:09:56 -0500
Jason Cohen wrote:

> The WPES 2004 paper states that under the current protocol a person can
> send and receive up to 18 messages per second (36 messages total) on a
> 450 MHz Pentium IIII. Thus, it would seem that even on a slow machine
> 2048 bit DH moduli wouldn't add a great deal of latency. 450 MHz
> machines are also on the low end of what is generally used for desktops.
> Most PCs are 2-3 years old and 450 MHz processors are at least 4-5 if I
> remember correctly.

Don't forget that many of the people who are in situations where the need for OTR is most important do not have access to the latest (or maybe even 4-5 year old) hardware. I'm sure people with fast desktop machines make up the majority of current OTR users but how many of them use OTR because they fear torture and death from oppressive governments?

As well, if OTR will ever be used for instant messaging on portable devices, making OTR require a lot more computational power is probably not a good idea.
Joel

> Does anyone happen to have performance tests for 2048 or 3072 bit DH
> moduli? Could I test this myself?
>
> Jason
>

From jcohen07 at brandeis.edu Tue Mar 29 17:37:00 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Tue, 29 Mar 2005 17:37:00 -0500
Subject: [OTR-users] DH moduli & AES keysize
In-Reply-To: <20050329141630.4952e012@localhost>
References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> <4249C424.8070809@brandeis.edu> <20050329141630.4952e012@localhost>
Message-ID: <4249D88C.909@brandeis.edu>

People who live in nations with oppressive dictatorships will not
protect themselves by using encryption. The very fact that they are
encrypting data I'm sure would be considered a crime. They also would
likely not have access to their own personal machines which would allow
them to install & setup OTR. We have some semblance of privacy because
the United States as well as Western Europe generally does not make it
a crime to encrypt data.

Secondly, no one would be forced to use larger DH moduli. The default
could remain at 1536, with the option for the user of increasing the
size. As I said, the speed difference between 1536 and 2048 is probably
quite minimal on most systems (even a 450 MHz system) and a PDA wouldn't
be rekeying every message anyways. The WPES paper recommends rekeying
every minute.

OTR could read from a default list of moduli with sizes say between 1536
and 4096 bits (so the moduli don't have to be sent over the network).
The OTR user initiating the private conversation would just specify the
key size he desires, and perhaps a minimum keysize he'll accept to
prevent rollback attacks. If a user specifies a moduli size larger than
2048 a warning message could inform him that this might cause slowdowns
as gnupg already does. If the user doesn't mind or thinks the slowdown
will be minimal, and his buddies have fairly fast computers he can
choose a larger bit size.
If he doesn't have a preference or thinks 1536 bits is sufficient, he
can keep the default size which I imagine most people will do.

Jason

Joel Mawhorter wrote:

>On Tue, 29 Mar 2005 16:09:56 -0500
>Jason Cohen wrote:
>
>
>
>>The WPES 2004 paper states that under the current protocol a person can
>>send and receive up to 18 messages per second (36 messages total) on a
>>450 MHz Pentium IIII. Thus, it would seem that even on a slow machine
>>2048 bit DH moduli wouldn't add a great deal of latency. 450 MHz
>>machines are also on the low end of what is generally used for desktops.
>>Most PCs are 2-3 years old and 450 MHz processors are at least 4-5 if I
>>remember correctly.
>>
>>
>
>Don't forget that many of the people who are in situations where the need for OTR is most important do not have access to the latest (or maybe even 4-5 year old) hardware. I'm sure people with fast desktop machines make up the majority of current OTR users but how many of them use OTR because they fear torture and death from oppressive governments?
>
>As well, if OTR will ever be used for instant messaging on portable devices, making OTR require a lot more computational power is probably not a good idea.
>
>Joel
>
>
>
>>Does anyone happen to have performance tests for 2048 or 3072 bit DH
>>moduli? Could I test this myself?
>>
>>Jason
>>
>>
>>
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>

From ian at cypherpunks.ca Tue Mar 29 18:29:22 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Tue, 29 Mar 2005 18:29:22 -0500
Subject: [OTR-users] DH moduli & AES keysize
In-Reply-To: <20050329123438.GO30200@smtp.paip.net>
References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net>
Message-ID: <20050329232922.GS30200@smtp.paip.net>

On Tue, Mar 29, 2005 at 07:34:38AM -0500, Ian Goldberg wrote:
> The hard part is of course not in using a different value of p. 1536
> bits was chosen so as to reduce message latency and size overhead, while
                                                  ^^^^^^^^^^^^^^^^^
> providing sufficient security.

You're focusing on the latency, and forgetting about the size. Using a
4096-bit key instead of 1536-bit will remove 320 bytes from the
available message size, which is already pretty small for some IM
protocols (around 500 bytes or so for ICQ, I think). You could add
fragmentation to the OTR protocol, at the cost of even more overhead.

You really think 1536-bit discrete logs will be calculable any time
soon?

I'll just say again that this change isn't on my personal priority list.
But hey, it's open-source, right? ;-)

 - Ian

From jcohen07 at brandeis.edu Tue Mar 29 18:37:38 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Tue, 29 Mar 2005 18:37:38 -0500
Subject: [OTR-users] DH moduli & AES keysize
Message-ID: <4249E6C2.2050309@brandeis.edu>

On Tue, Mar 29, 2005 at 07:34:38AM -0500, Ian Goldberg wrote:
>> The hard part is of course not in using a different value of p. 1536
>> bits was chosen so as to reduce message latency and size overhead, while
>
>                                                   ^^^^^^^^^^^^^^^^^
>> providing sufficient security.
>
> You're focusing on the latency, and forgetting about the size.
Using a 4096-bit key instead of 1536-bit will remove 320 bytes from the
available message size, which is already pretty small for some IM
protocols (around 500 bytes or so for ICQ, I think). You could add
fragmentation to the OTR protocol, at the cost of even more overhead.

You really think 1536-bit discrete logs will be calculable any time
soon?

I'll just say again that this change isn't on my personal priority list.
But hey, it's open-source, right? ;-)

 - Ian

I didn't realize the size limitations were that restrictive. Any idea
what the AIM size limit is? I figured you had at least a 1000 bytes to
use. Oh, and I don't think 1536 discrete logs will be broken in the near
future, but if 2048 bit keys provide reasonable security until 2030 with
minimal performance and size impact (64 bytes), why not?

From paul at cypherpunks.ca Wed Mar 30 16:07:17 2005
From: paul at cypherpunks.ca (Paul Wouters)
Date: Wed, 30 Mar 2005 23:07:17 +0200 (CEST)
Subject: [OTR-users] gaim-otr plugin
In-Reply-To: <4248BDCE.4050702@brandeis.edu>
Message-ID:

On Mon, 28 Mar 2005, Jason Cohen wrote:

> I also use Mandrake 10.1 so I should be able to help. After compiling

> You can also recompile the source rpm which is what I did. Your system
> must be setup to rebuild rpms.

Can you tell me if there is any wrong path or option used in building
the rpm from the package's SPEC file or 'fedora' source rpm? And if there
is, can you provide a fixed version for me to compare, and a proper way
of detecting a Mandrake system?

Paul

From jcohen07 at brandeis.edu Wed Mar 30 18:46:12 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Wed, 30 Mar 2005 18:46:12 -0500
Subject: [OTR-users] gaim-otr plugin
In-Reply-To:
References:
Message-ID: <424B3A44.7030606@brandeis.edu>

Paul Wouters wrote:

>On Mon, 28 Mar 2005, Jason Cohen wrote:
>
>
>
>>I also use Mandrake 10.1 so I should be able to help. After compiling
>>
>>
>
>
>
>>You can also recompile the source rpm which is what I did.
>>Your system
>>must be setup to rebuild rpms.
>>
>>
>
>Can you tell me if there is any wrong path or option used in building
>the rpm from the package's SPEC file or 'fedora' source rpm? And if there
>is, can you provide a fixed version for me to compare, and a proper way
>of detecting a Mandrake system?
>
>Paul
>
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>

I followed the instructions on this site to setup Mandrake to rebuild
rpms:

http://qa.mandrakesoft.com/twiki/bin/view/Main/RpmHowTo

In your home directory you'll need to create the necessary directory
structure:

    mkdir -p ~/rpm/{BUILD,RPMS/i586,RPMS/noarch,SOURCES,SRPMS,SPECS,tmp}

Then create these two files in your home directory:

.rpmrc

    buildarchtranslate: i386: i586
    buildarchtranslate: i486: i586
    buildarchtranslate: i586: i586
    buildarchtranslate: i686: i586

.rpmmacros

    %_topdir YOUR_HOME_DIR/rpm
    %_tmppath YOUR_HOME_DIR/rpm/tmp
    %_signature gpg
    %_gpg_name Mandrakelinux
    %_gpg_path ~/.gnupg
    %distribution Mandrakelinux
    %vendor Mandrakesoft

Now you're ready to do rpm --rebuild.

Jason

From jcohen07 at brandeis.edu Wed Mar 30 18:50:59 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Wed, 30 Mar 2005 18:50:59 -0500
Subject: [OTR-users] gaim-otr plugin
In-Reply-To:
References:
Message-ID: <424B3B63.5010603@brandeis.edu>

Paul Wouters wrote:

>On Mon, 28 Mar 2005, Jason Cohen wrote:
>
>
>
>>I also use Mandrake 10.1 so I should be able to help. After compiling
>>
>>
>
>
>
>>You can also recompile the source rpm which is what I did. Your system
>>must be setup to rebuild rpms.
>>
>>
>
>Can you tell me if there is any wrong path or option used in building
>the rpm from the package's SPEC file or 'fedora' source rpm? And if there
>is, can you provide a fixed version for me to compare, and a proper way
>of detecting a Mandrake system?
>
>Paul
>
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>

I'm not sure if I made this clear before. You DO NOT need new spec
files. Once your system is setup to rebuild rpms, you can rebuild any
srpm. It doesn't matter what system the source rpm was built under.

From jcohen07 at brandeis.edu Wed Mar 30 21:30:45 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Wed, 30 Mar 2005 21:30:45 -0500
Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog?
Message-ID: <424B60D5.2010303@brandeis.edu>

Can this dialog be disabled? One would only get this message if they
selected the option to require Private messaging. The message seems to
only tell you what you should already know- no messages will be sent
over the network unencrypted. The encrypted session must be initiated
before the message can be sent. It would of course make sense to warn
the user if a private session couldn't be initiated, but what's the
point if one is setup successfully? If all messages are being encrypted,
why warn the user?

Jason

From jcohen07 at brandeis.edu Wed Mar 30 21:54:55 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Wed, 30 Mar 2005 21:54:55 -0500
Subject: [OTR-users] Rate Limit Error message appears for no apparent reason
Message-ID: <424B667F.4080702@brandeis.edu>

While using OTR I received rate limit errors for no apparent reason. I
don't even think I was having an active conversation at the time, though
I did have one or two private sessions going. This happened to me on
two or three occasions but I ignored it as an AIM screwup. However, upon
reading the dev list, it seems behavior might be the fault of OTR. It's
not reproducible, so would I find the cause of the problem?
Jason

From gdt at ir.bbn.com Thu Mar 31 09:57:42 2005
From: gdt at ir.bbn.com (Greg Troxel)
Date: 31 Mar 2005 09:57:42 -0500
Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog?
In-Reply-To: <424B60D5.2010303@brandeis.edu>
References: <424B60D5.2010303@brandeis.edu>
Message-ID:

Do you mean to suggest that on trying to send a message when there
isn't a key setup to

  try to set up key
  if ok, send message encrypted
  if fail, tell user message was not sent

instead of

  point out policy
  try to set up key
  if ok, send message encrypted

--
Greg Troxel

From ian at cypherpunks.ca Thu Mar 31 11:12:12 2005
From: ian at cypherpunks.ca (Ian Goldberg)
Date: Thu, 31 Mar 2005 11:12:12 -0500
Subject: [OTR-users] Rate Limit Error message appears for no apparent reason
In-Reply-To: <424B667F.4080702@brandeis.edu>
References: <424B667F.4080702@brandeis.edu>
Message-ID: <20050331161212.GF30200@smtp.paip.net>

On Wed, Mar 30, 2005 at 09:54:55PM -0500, Jason Cohen wrote:
> While using OTR I received rate limit errors for no apparent reason. I
> don't even think I was having an active conversation at the time, though
> I did have one or two private sessions going. This happened to me on
> two or three occasions but I ignored it as an AIM screwup. However, upon
> reading the dev list, it seems behavior might be the fault of OTR. It's
> not reproducible, so would I find the cause of the problem?

There was indeed a problem with OTR that sometimes caused this
behaviour, but it was fixed in 2.0.1. So assuming you're running the
latest version, you shouldn't be running into the particular problem
discussed on the dev list.

 - Ian

From jcohen07 at brandeis.edu Thu Mar 31 16:30:12 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Thu, 31 Mar 2005 16:30:12 -0500
Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog?
Message-ID: <424C6BE4.90403@brandeis.edu>

Do you mean to suggest that on trying to send a message when there
isn't a key setup to

  try to set up key
  if ok, send message encrypted
  if fail, tell user message was not sent

instead of

  point out policy
  try to set up key
  if ok, send message encrypted

Yes, that's precisely what I mean to say. The user changed the default
setting to require encrypted messaging. There's no reason to point out
the policy every time he attempts to send a message, and there's nothing
insecure about waiting until the session is setup to then send the
message encrypted.

So, if ALWAYS is set do this:

  (user sends message)
  Setup Key Exchange
  If ok, send message encrypted
  If fail, tell user that the message was not sent + recipient does not
  have OTR installed and can't setup private communications.

From jcohen07 at brandeis.edu Thu Mar 31 16:33:32 2005
From: jcohen07 at brandeis.edu (Jason Cohen)
Date: Thu, 31 Mar 2005 16:33:32 -0500
Subject: [OTR-users] Rate Limit Error message appears for no apparent reason
In-Reply-To: <20050331161212.GF30200@smtp.paip.net>
References: <424B667F.4080702@brandeis.edu> <20050331161212.GF30200@smtp.paip.net>
Message-ID: <424C6CAC.5090103@brandeis.edu>

Ian Goldberg wrote:

>On Wed, Mar 30, 2005 at 09:54:55PM -0500, Jason Cohen wrote:
>
>
>>While using OTR I received rate limit errors for no apparent reason. I
>>don't even think I was having an active conversation at the time, though
>>I did have one or two private sessions going. This happened to me on
>>two or three occasions but I ignored it as an AIM screwup. However, upon
>>reading the dev list, it seems behavior might be the fault of OTR. It's
>>not reproducible, so would I find the cause of the problem?
>>
>>
>
>There was indeed a problem with OTR that sometimes caused this
>behaviour, but it was fixed in 2.0.1. So assuming you're running the
>latest version, you shouldn't be running into the particular problem
>discussed on the dev list.
>
> - Ian
>_______________________________________________
>OTR-users mailing list
>OTR-users at lists.cypherpunks.ca
>http://lists.cypherpunks.ca/mailman/listinfo/otr-users
>
>

I have gaim-otr-2.0.1 as well as libotr-2.0.1 installed on my laptop,
and the recipient (who also informed me that she was getting the same
errors) installed gaim-otr-2.0.1.exe off the OTR site. I recompiled the
Fedora Core Source RPM for Mandrake 10.1 and have had no other issues.
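
An added example, not part of any list message and not code from the OTR project: for the "DH moduli & AES keysize" thread above, this Python sketch rebuilds the RFC 3526 primes from their defining formula and reports, per group size, the bytes a DH public value occupies in a message and the time for one modular exponentiation, the two costs debated in the thread. The 320-bit private exponent and all function names are assumptions of this example.

```python
import secrets
import time

# RFC 3526 defines each MODP prime by formula:
#   p = 2^bits - 2^(bits-64) - 1 + 2^64 * (floor(2^(bits-130) * pi) + offset)
# The offsets below are the constants given in RFC 3526 for each group.
RFC3526_OFFSETS = {1536: 741804, 2048: 124476, 3072: 1690314, 4096: 240904}
GENERATOR = 2    # generator RFC 3526 specifies for every group
EXP_BITS = 320   # assumed private-exponent size for this example


def pi_scaled(bits):
    """Return floor(pi * 2**bits), computed with Machin's formula on integers."""
    guard = 64                        # extra low bits absorb truncation error
    one = 1 << (bits + guard)

    def arctan_inv(x):                # arctan(1/x), scaled by `one`
        total = term = one // x
        n, sign = 3, -1
        while term:
            term //= x * x
            total += sign * (term // n)
            n, sign = n + 2, -sign
        return total

    return (16 * arctan_inv(5) - 4 * arctan_inv(239)) >> guard


def rfc3526_prime(bits):
    """Rebuild the RFC 3526 prime of the given size from its defining formula."""
    body = pi_scaled(bits - 130) + RFC3526_OFFSETS[bits]
    return 2**bits - 2**(bits - 64) - 1 + 2**64 * body


def dh_cost(bits, rounds=20):
    """Run one DH exchange in the group; report wire size and time per exponentiation."""
    p = rfc3526_prime(bits)
    x = secrets.randbits(EXP_BITS) | (1 << (EXP_BITS - 1))
    y = secrets.randbits(EXP_BITS) | (1 << (EXP_BITS - 1))
    start = time.perf_counter()
    for _ in range(rounds):
        gx = pow(GENERATOR, x, p)
    per_exp_ms = (time.perf_counter() - start) * 1000 / rounds
    gy = pow(GENERATOR, y, p)
    return {
        "bits": bits,
        "public_value_bytes": bits // 8,            # raw size of g^x in a message
        "extra_bytes_vs_1536": (bits - 1536) // 8,  # growth over the 1536-bit group
        "ms_per_exponentiation": per_exp_ms,
        "secrets_match": pow(gy, x, p) == pow(gx, y, p),
    }


if __name__ == "__main__":
    for size in sorted(RFC3526_OFFSETS):
        r = dh_cost(size)
        print(f"{size:5d}-bit: {r['public_value_bytes']} B public value, "
              f"+{r['extra_bytes_vs_1536']} B vs 1536, "
              f"{r['ms_per_exponentiation']:.2f} ms per exponentiation")
```

Timings vary by machine and by big-integer library, so they indicate relative cost between group sizes rather than what a C implementation would see.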