From ian@cypherpunks.ca Mon Mar 7 23:30:06 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 7 Mar 2005 18:30:06 -0500 Subject: [OTR-users] 1700 Message-ID: <20050307233006.GO980@smtp.paip.net> FYI, we just hit 1700 unique IP addresses downloading OTR software from the primary site. This of course doesn't count mirror sites, or take into account the fact that OTR software is "in" some distributions like Gentoo, or some clients like Adium X. Not bad (for a start). :-) - Ian From alex323@gmail.com Tue Mar 8 01:42:12 2005 From: alex323@gmail.com (alex323) Date: Mon, 07 Mar 2005 20:42:12 -0500 Subject: [OTR-users] 1700 In-Reply-To: <20050307233006.GO980@smtp.paip.net> References: <20050307233006.GO980@smtp.paip.net> Message-ID: <422D02F4.5040902@gmail.com> This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC03505363146E79549A904B0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cool, nice work! I've been cought up with school lately and havn't been able to work on my C# implamentation. - Alex Ian Goldberg wrote: >FYI, we just hit 1700 unique IP addresses downloading OTR software from >the primary site. This of course doesn't count mirror sites, or take >into account the fact that OTR software is "in" some distributions like >Gentoo, or some clients like Adium X. > >Not bad (for a start). :-) > > - Ian >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > --------------enigC03505363146E79549A904B0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iQIVAwUBQi0C903+w3whDn4gAQIXvw//SfyOyhpo3a9Tf8FdfnlOrV711CXACJxY m1fa7ZPzCgloaJMg92aFJr7uFI6MZNctjjFiF9WJp+A4e+nzCd0ovbhp3712MuNb +j0WRDhg4GnSUzsCs7k8j14SMax2gEuH1K1XMErVD4RbDiLSdM7Rjxf08beLao1S b5dRBCgUEw460BWMh3pmcxbNV7ExfcCNd7Qbi717zqgMfbAOwHf67p/s3zVH7bQ9 QZOS8ngPOhicKjgHpXark+UGP1X4yHwkdfV4Df48uZCHCTqM1nEaF3EmGlM0z5SW iq68XDPwvIFu+rRsVSqVvxU1hHzllXMKQO4wF4PGnSUv4hmAaWAczgp91N0dIf6y pWfk1SqAU8OwKn3m6q7fBqe0s6mWbVpeuGMpY62cWyiAk7ZxE4/OQ7Y5+7kRC7HN e+xNVY2rcAJOJNV+PEWu8uMhlKNWIfSZ1OgRI7QoPuqwunO2VS89LAyKJ6ye+aQa gtHUfRe9Ugun5Mw3VJt+NN4HBgcaQsmwMbHA1XR49GW8e6zID+Jw3tPUbE8/kC+J EtUhPIib/o0mGltWs/YDtF7yKHqZ1/KMjH6YEqUTdlwZUO6uw8AtkyEaeP650W/o Rh2ZIgY6d3APZ3Wie4wLmDH39y5UB1DzrLl52yLNlgGYHuFjaZVwtGCWrxO1g81I YuFtShiUoSw= =LIiq -----END PGP SIGNATURE----- --------------enigC03505363146E79549A904B0-- From dcarrera@math.umd.edu Tue Mar 8 06:47:16 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Tue, 8 Mar 2005 01:47:16 -0500 Subject: [OTR-users] Thanks for the good work. Message-ID: <20050308064716.GO1484@math.umd.edu> Hey, "Thank you" is one of those things that people don't say often enough. So I wanted to say thanks to Ian and Nikita for making OTR. This is so cool. I so look forward to getting it up and running (so far compilation seems to be going well). I've read your paper. It's very intereesting. I like OTR, it's very clever. Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From dcarrera@math.umd.edu Tue Mar 8 07:03:27 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Tue, 8 Mar 2005 02:03:27 -0500 Subject: [OTR-users] Patch for Gaim plugin. Message-ID: <20050308070327.GP1484@math.umd.edu> Hello, I just tried compiling the GAIM plugin on Solaris SPARC, using gcc and GNU tools. The compilation dies on gtk-dialog.c : gtk-dialog.c: In function `otrg_gtk_dialog_private_key_wait_start': gtk-dialog.c:169: parse error before `handle' gtk-dialog.c:170: `handle' undeclared (first use in this function) gtk-dialog.c:170: (Each undeclared identifier is reported only once gtk-dialog.c:170: for each function it appears in.) gtk-dialog.c:182: warning: control reaches end of non-void function Fortunately, the fix is simple gtk-dialog.c 158a159 > OtrgDialogWaitHandle handle; 169c170,171 < OtrgDialogWaitHandle handle = malloc(sizeof(struct s_OtrgDialogWait)); --- > > handle = malloc(sizeof(struct s_OtrgDialogWait)); After doing this, the compilation went fine. Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From dcarrera@math.umd.edu Tue Mar 8 07:17:34 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Tue, 8 Mar 2005 02:17:34 -0500 Subject: [OTR-users] Help me test OTR ? Message-ID: <20050308071734.GQ1484@math.umd.edu> Whoo hoo!! I think I'm setup. I have a figerprint and all. My fingerprint is: 7C481247 CAED160E 379F9176 D76AF7A9 FC319806 Is there a kind soul who might help me test my brand new OTR plugin? I am on IM right now ("DanCarrer"). Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From ian@cypherpunks.ca Tue Mar 8 13:15:44 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Tue, 8 Mar 2005 08:15:44 -0500 Subject: [OTR-users] Patch for Gaim plugin. In-Reply-To: <20050308070327.GP1484@math.umd.edu> References: <20050308070327.GP1484@math.umd.edu> Message-ID: <20050308131544.GQ980@smtp.paip.net> On Tue, Mar 08, 2005 at 02:03:27AM -0500, Daniel Carrera wrote: > Hello, > > I just tried compiling the GAIM plugin on Solaris SPARC, using gcc and GNU > tools. The compilation dies on gtk-dialog.c : > > gtk-dialog.c: In function `otrg_gtk_dialog_private_key_wait_start': > gtk-dialog.c:169: parse error before `handle' > gtk-dialog.c:170: `handle' undeclared (first use in this function) > gtk-dialog.c:170: (Each undeclared identifier is reported only once > gtk-dialog.c:170: for each function it appears in.) > gtk-dialog.c:182: warning: control reaches end of non-void function > > > Fortunately, the fix is simple Thanks. The version of gcc we're using here (3.3.x) is too lenient about such matters. :-p Fixed. - Ian From paul@cypherpunks.ca Tue Mar 8 14:22:29 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Tue, 8 Mar 2005 15:22:29 +0100 (CET) Subject: [OTR-users] Help me test OTR ? In-Reply-To: <20050308071734.GQ1484@math.umd.edu> Message-ID: On Tue, 8 Mar 2005, Daniel Carrera wrote: > I think I'm setup. I have a figerprint and all. > > My fingerprint is: 7C481247 CAED160E 379F9176 D76AF7A9 FC319806 > > Is there a kind soul who might help me test my brand new OTR plugin? > I am on IM right now ("DanCarrer"). People testing OTR can always try and ring my desktop: PaulWouters@jabber.org 9944856 (AIM/ICQ) Paul From dcarrera@math.umd.edu Wed Mar 9 07:14:12 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Wed, 9 Mar 2005 02:14:12 -0500 Subject: [OTR-users] Promotting OTR. Message-ID: <20050309071412.GS13253@math.umd.edu> Hey folks, Just a quick thought on promotting OTR. I asked the Gaim people about listing OTR on their plugins page: http://gaim.sourceforge.net/plugins.php I mean, least they could di is remove the "gaim-e" link, which is dead anyways, and replace it with OTR. They said that I had to ask the OTR developers about posting it to their plugin tracker: http://sourceforge.net/projects/gaim Cheers, Daniel. PS: I also mentioned OTR on my blog: http://dcarrera.blogspot.com/ From ian@cypherpunks.ca Wed Mar 9 13:50:08 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Wed, 9 Mar 2005 08:50:08 -0500 Subject: [OTR-users] Promotting OTR. In-Reply-To: <20050309071412.GS13253@math.umd.edu> References: <20050309071412.GS13253@math.umd.edu> Message-ID: <20050309135008.GZ980@smtp.paip.net> On Wed, Mar 09, 2005 at 02:14:12AM -0500, Daniel Carrera wrote: > Hey folks, > > Just a quick thought on promotting OTR. I asked the Gaim people about > listing OTR on their plugins page: > > http://gaim.sourceforge.net/plugins.php > > I mean, least they could di is remove the "gaim-e" link, which is dead > anyways, and replace it with OTR. They said that I had to ask the OTR > developers about posting it to their plugin tracker: > > http://sourceforge.net/projects/gaim I didn't know about that page. Done. Thanks! - Ian From dcarrera@math.umd.edu Wed Mar 9 22:29:50 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Wed, 9 Mar 2005 17:29:50 -0500 Subject: [OTR-users] Promotting OTR. In-Reply-To: <20050309135008.GZ980@smtp.paip.net> References: <20050309071412.GS13253@math.umd.edu> <20050309135008.GZ980@smtp.paip.net> Message-ID: <20050309222950.GM13253@math.umd.edu> Ian Goldberg wrote: > > http://sourceforge.net/projects/gaim > > I didn't know about that page. Done. > > Thanks! Whoo hoo! I just went to the #gaim IRC channel. I raved about OTR and pointed them to the link you added. And guess what? 10min later, the Gaim plugin page now lists OTR. Check it out: http://gaim.sourceforge.net/plugins.php Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From kat@paip.net Wed Mar 9 22:37:47 2005 From: kat@paip.net (Kat Hanna) Date: Wed, 9 Mar 2005 17:37:47 -0500 (EST) Subject: [OTR-users] Promotting OTR. In-Reply-To: <20050309222950.GM13253@math.umd.edu> References: <20050309071412.GS13253@math.umd.edu> <20050309135008.GZ980@smtp.paip.net> <20050309222950.GM13253@math.umd.edu> Message-ID: You rock. On Wed, 9 Mar 2005, Daniel Carrera wrote: > Ian Goldberg wrote: > > > > http://sourceforge.net/projects/gaim > > > > I didn't know about that page. Done. > > > > Thanks! > > Whoo hoo! I just went to the #gaim IRC channel. I raved about OTR and > pointed them to the link you added. And guess what? 10min later, the Gaim > plugin page now lists OTR. Check it out: > > http://gaim.sourceforge.net/plugins.php > > Cheers, > -- > Daniel Carrera | I don't want it perfect, > Join OOoAuthors today! | I want it Tuesday. > http://oooauthors.org | > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > From a-konovalenko@yandex.ru Thu Mar 10 00:55:09 2005 From: a-konovalenko@yandex.ru (Alexander Konovalenko) Date: Thu, 10 Mar 2005 03:55:09 +0300 (MSK) Subject: [OTR-users] OTR web page down Message-ID: <422F9AED.000042.25082@mfront8.yandex.ru> The OTR web site at http://www.xelerance.com/mirror/otr/ is down: everything possible (even the mime type) is 404 Not Found. Could you (Ian, Nikita) please fix that? Or are there any mirrors? Please CC me since I'm not on the list. -- Alexander From ian@cypherpunks.ca Thu Mar 10 01:16:32 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Wed, 9 Mar 2005 20:16:32 -0500 Subject: [OTR-users] OTR web page down In-Reply-To: <422F9AED.000042.25082@mfront8.yandex.ru> References: <422F9AED.000042.25082@mfront8.yandex.ru> Message-ID: <20050310011632.GE980@smtp.paip.net> On Thu, Mar 10, 2005 at 03:55:09AM +0300, Alexander Konovalenko wrote: > The OTR web site at http://www.xelerance.com/mirror/otr/ is down: > everything possible (even the mime type) is 404 Not Found. > > Could you (Ian, Nikita) please fix that? Or are there any mirrors? That site *is* the mirror. The primary site is http://www.cypherpunks.ca/otr/ Paul's the one in charge of the mirror. Paul, can you check on this? Thanks for the report, - Ian From paul@cypherpunks.ca Thu Mar 10 11:45:22 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Thu, 10 Mar 2005 12:45:22 +0100 (CET) Subject: [OTR-users] OTR web page down In-Reply-To: <422F9AED.000042.25082@mfront8.yandex.ru> Message-ID: On Thu, 10 Mar 2005, Alexander Konovalenko wrote: > The OTR web site at http://www.xelerance.com/mirror/otr/ is down: everything possible (even the mime type) is 404 Not Found. This has been fixed. That website moved servers and it was missing a link . > Could you (Ian, Nikita) please fix that? Or are there any mirrors? ftp://ftp.openswan.org/mirror/otr/ works as well. Paul From Gregory Maxwell Sat Mar 12 21:41:19 2005 From: Gregory Maxwell (Gregory Maxwell) Date: Sat, 12 Mar 2005 16:41:19 -0500 Subject: [OTR-users] Custom OTR replies Message-ID: It would be good if OTR had an option to discard cleartext IMs and reply with a customizable string, perhaps something like this: New AIM license: "...by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy.'" Please use GAIM OTR ( http://www.cypherpunks.ca/otr/ ), all cleartext IMs will be ignored. Anyone else interested in a feature like this? From nate@asaim.com Sat Mar 12 21:01:39 2005 From: nate@asaim.com (Nato Welch) Date: Sat, 12 Mar 2005 13:01:39 -0800 Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion Message-ID: <200503121301.39836.nate@asaim.com> http://n8o.r30.net/a2z/drupal/node/196 A timely review. Thought you all might like to know. -- -- Nato Welch nate@asaim.com From ian@cypherpunks.ca Sat Mar 12 22:58:38 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Sat, 12 Mar 2005 17:58:38 -0500 Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion In-Reply-To: <200503121301.39836.nate@asaim.com> References: <200503121301.39836.nate@asaim.com> Message-ID: <20050312225838.GI980@smtp.paip.net> On Sat, Mar 12, 2005 at 01:01:39PM -0800, Nato Welch wrote: > http://n8o.r30.net/a2z/drupal/node/196 > > A timely review. Thought you all might like to know. Indeed; there have been over 150 new IP addresses downloading OTR software from the main site since the AOL TOS news hit slashdot this morning. We're up to 2048 right now. [Plus downloads from the mirror site, plus the copies in the various distros, etc., of course.] - Ian From dcarrera@math.umd.edu Sat Mar 12 23:18:53 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sat, 12 Mar 2005 18:18:53 -0500 Subject: [OTR-users] GAIM-OTR Protects Against AOL's Privacy Invasion In-Reply-To: <20050312225838.GI980@smtp.paip.net> References: <200503121301.39836.nate@asaim.com> <20050312225838.GI980@smtp.paip.net> Message-ID: <20050312231852.GS18729@math.umd.edu> I just submitted this story to Linux today. I think the time is right for a knowledgeable person (ie. more knowledgeable than me) to write an article for Newsforge. It's not hard. The process is pretty painless. Newsforge caters to a different audience than Slashdot, so you would be reaching new people. NF has more bosses, decision makers, professionals etc. I work with OpenOffice.org documentation. I would gladly offer my services as a reviewer. Cheers, Daniel. On Sat, Mar 12, 2005 at 05:58:38PM -0500, Ian Goldberg wrote: > On Sat, Mar 12, 2005 at 01:01:39PM -0800, Nato Welch wrote: > > http://n8o.r30.net/a2z/drupal/node/196 > > > > A timely review. Thought you all might like to know. > > Indeed; there have been over 150 new IP addresses downloading OTR > software from the main site since the AOL TOS news hit slashdot this > morning. We're up to 2048 right now. [Plus downloads from the mirror > site, plus the copies in the various distros, etc., of course.] > > - Ian > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From alex323@gmail.com Sun Mar 13 00:50:04 2005 From: alex323@gmail.com (alex323) Date: Sat, 12 Mar 2005 19:50:04 -0500 Subject: [OTR-users] OTR blocking? In-Reply-To: <200503121301.39836.nate@asaim.com> References: <200503121301.39836.nate@asaim.com> Message-ID: <42338E3C.2040601@gmail.com> This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigD0462E4D5C16A769B34F7CA5 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Is there a chance that AIM/ICQ can filter out OTR messages (messages what start with "?OTR") all together? - Alex --------------enigD0462E4D5C16A769B34F7CA5 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iQIVAwUBQjOOP03+w3whDn4gAQJgEBAAidxOUst6AaCK4EBP3Z08GcGjFuwFZmU8 CfCxZ7ighAHA8VMdfqjdc1qR5E2eggQLTVnMvWlD8WOyBd6o3po/vIqdTIjR6WFC eVG1OLFoezx4PYg+U3W/RgOqZttOC6+RRdGfg3RF8p49kqs+O3WUX7IcqcPZzSLo ocPqD/ZoGTBODijIKgwWAQiYSx1vz7vqfPGTD/vgveChL0CwLDSEr2WxCX87qJZs mPURPhQwSFq+LGn/LyatU+5BtiHaLQbn7JD9WilqO5JRKXpFF3eTnVnaPZ4QIaR/ 51huSnZVP0eVlTrDNhOkUeKdrEZdfn9RNBiIhLtT3TWlwJ98F6HQ9fo8iyPV2+lo kYhowZhaWHsnyba+7nUBKiwPdh8Hj4jZhi0l3RfWL5aessltuMzcaMlhYyRrE+xC qfLQKr3ulzoNnMFmn73q2vdKwdbwK2okUzJH9rxzC4BDsV3jeOy+ki59qTjFvVSL Ex9IR1+Ib2cS3oJ4fXdI/42tNS86VNOFQ0Zpzsa+NncfEmRw4DLkXQP7Cj45jysf nrh0Sq/tJXpGK3pJqjTOsfJeW5JEpl0wk2sPSbwQqZHVUbPHwQeHj2sa4HOAlQzU KBksSLFLrkKB4qLfgTfU+dytX01S9bzuNToduMRwhz+wgJ5US4P6fyibHvMYFd9N aRZ7jpGHb3A= =Oblx -----END PGP SIGNATURE----- --------------enigD0462E4D5C16A769B34F7CA5-- From dcarrera@math.umd.edu Sun Mar 13 01:35:06 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sat, 12 Mar 2005 20:35:06 -0500 Subject: [OTR-users] OTR on Mac OS X. Message-ID: <20050313013506.GV18729@math.umd.edu> Hello, I need some advice. I have a friend using Mac OS X. I want to use OTR to talk to her privately. I figured that setting up the OTR proxy would be difficult. She is semi-technical, but not very, and I have never touched a Mac. And I can't find any instructions on the OTR home page. I figured it'd be better to wait until Adium 0.8 came out, but we're getting inpatient. There are some things we want to discuss, but only with OTR. What would you recommend? * Is the OTR proxy hard to install and use on Mac OS X? * If it isn't, where can I find instructions? * Should I tell her to install Adium X 0.8 beta 3 ? Adium X doesn't seem to have instructions for OTR either. :-( Normally I'd just try all these options myself and pick what I think will work best for her. But since I don't have a Mac, I can't do that. Help? Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From rabbi@abditum.com Sun Mar 13 01:43:52 2005 From: rabbi@abditum.com (Len Sassaman) Date: Sat, 12 Mar 2005 17:43:52 -0800 (PST) Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: <20050313013506.GV18729@math.umd.edu> References: <20050313013506.GV18729@math.umd.edu> Message-ID: On Sat, 12 Mar 2005, Daniel Carrera wrote: > What would you recommend? If she uses iChat or a non-Adium client now, use the proxy. OTR is really trivial, but switching chat clients may not be. Install the OTR proxy (double click the installer, etc., etc.) Launch it. (It lives in the Applications folder. You probably want to put an alias in the startup items folder as well. (That really ought to be done by the installer, anyway.) Configure iChat to use the proxy: Preferences, server settings, use proxy, localhost, port 8080, protocol HTTP. Voila. From dcarrera@math.umd.edu Sun Mar 13 01:47:55 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sat, 12 Mar 2005 20:47:55 -0500 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: References: <20050313013506.GV18729@math.umd.edu> Message-ID: <20050313014755.GX18729@math.umd.edu> Len Sassaman wrote: > If she uses iChat or a non-Adium client now, use the proxy. OTR is really > trivial, but switching chat clients may not be. Ok. She alternates between iChat and Adium X. Seems to prefer iChat. > Launch it. Does she have to launch it every time she starts iChat? What happens if she forgets? > Configure iChat to use the proxy: Preferences, server settings, use proxy, > localhost, port 8080, protocol HTTP. That looks simple enough. :-) Next time I see her on IM (prob tonight) I'll tell her. Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From rabbi@abditum.com Sun Mar 13 02:00:38 2005 From: rabbi@abditum.com (Len Sassaman) Date: Sat, 12 Mar 2005 18:00:38 -0800 (PST) Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: <20050313014755.GX18729@math.umd.edu> References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu> Message-ID: On Sat, 12 Mar 2005, Daniel Carrera wrote: > Ok. She alternates between iChat and Adium X. Seems to prefer iChat. Well, the proxy will work for either. (You'll have to consult the Adium X docs to figure out how to configure a proxy, though.) > > Launch it. > > Does she have to launch it every time she starts iChat? Yes. > What happens if she forgets? iChat won't connect to AIM, and will give a "can't connect to proxy" error, or somesuch. > > Configure iChat to use the proxy: Preferences, server settings, use proxy, > > localhost, port 8080, protocol HTTP. > > That looks simple enough. :-) Yep. (Note, I'm pulling this off of my memory, and don't have a Mac in front of me. So I can't describe the steps better -- there really should be a FAQ and screenshots for this somewhere.) Also, you can't edit the proxy settings while you're logged in. So, she'll have to disconnect from AIM in order to do this. From dcarrera@math.umd.edu Sun Mar 13 02:04:37 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sat, 12 Mar 2005 21:04:37 -0500 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu> Message-ID: <20050313020437.GY18729@math.umd.edu> Hi Len, Thanks for the help! > Also, you can't edit the proxy settings while you're logged in. So, > she'll have to disconnect from AIM in order to do this. But she could be talking to me with Adium X while we configure iChat, right? Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From rabbi@abditum.com Sun Mar 13 02:11:16 2005 From: rabbi@abditum.com (Len Sassaman) Date: Sat, 12 Mar 2005 18:11:16 -0800 (PST) Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: <20050313020437.GY18729@math.umd.edu> References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu> <20050313020437.GY18729@math.umd.edu> Message-ID: On Sat, 12 Mar 2005, Daniel Carrera wrote: > Hi Len, > > Thanks for the help! No problem. Want to write this part of the FAQ when you're done? :) > > Also, you can't edit the proxy settings while you're logged in. So, > > she'll have to disconnect from AIM in order to do this. > > But she could be talking to me with Adium X while we configure iChat, > right? Yes, certainly. From dcarrera@math.umd.edu Sun Mar 13 03:03:27 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sat, 12 Mar 2005 22:03:27 -0500 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: References: <20050313013506.GV18729@math.umd.edu> <20050313014755.GX18729@math.umd.edu> Message-ID: <20050313030327.GC18729@math.umd.edu> Len Sassaman wrote: > > What happens if she forgets? > > iChat won't connect to AIM, and will give a "can't connect to proxy" > error, or somesuch. We're getting setup right now. I have another question: How do you tell the proxy that one chat is OTR and another isn't? How do you start/stop OTR for some conversation? Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From Gregory Maxwell Sun Mar 13 04:52:49 2005 From: Gregory Maxwell (Gregory Maxwell) Date: Sat, 12 Mar 2005 23:52:49 -0500 Subject: [OTR-users] otr proxy Message-ID: One of my not-yet-otr-using-friends runs some curses AIM client... He's trying to use OTRproxy, ... but it turns out that otr proxy expects an X server.. That isn't going to work for him. Can we get an option for x-less clients? From dcarrera@math.umd.edu Sun Mar 13 07:17:55 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Sun, 13 Mar 2005 02:17:55 -0500 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: References: <20050313013506.GV18729@math.umd.edu> Message-ID: <20050313071755.GL18729@math.umd.edu> Whoo hoo!! Success!! My friend and I successfully established an OTR connection and talked in privacy. Thanks! I have a question: Does the proxy also provide a GUI for key management? So she can verify fingerprints and all? If so, how would she get to that GUI ? Thanks again! Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From aldert@rotz.org Sun Mar 13 07:34:53 2005 From: aldert@rotz.org (Aldert J.B.P. Hazenberg) Date: Sun, 13 Mar 2005 08:34:53 +0100 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: <20050313013506.GV18729@math.umd.edu> References: <20050313013506.GV18729@math.umd.edu> Message-ID: <4233ED1D.7010808@rotz.org> Daniel Carrera wrote: > Hello, > > I need some advice. > > I have a friend using Mac OS X. I want to use OTR to talk to her > privately. I figured that setting up the OTR proxy would be difficult. She > is semi-technical, but not very, and I have never touched a Mac. And I > can't find any instructions on the OTR home page. > > I figured it'd be better to wait until Adium 0.8 came out, but we're > getting inpatient. There are some things we want to discuss, but only with > OTR. > > What would you recommend? > > * Is the OTR proxy hard to install and use on Mac OS X? > * If it isn't, where can I find instructions? > * Should I tell her to install Adium X 0.8 beta 3 ? > Adium X doesn't seem to have instructions for OTR either. :-( > > Normally I'd just try all these options myself and pick what I think will > work best for her. But since I don't have a Mac, I can't do that. > > Help? > I described how to glue OTR proxy and iChat a while ago : http://rotz.org/archives/2005/02/otr_and_osx.html If the guys add an WIKI to the OTR site I will add this including the appropiate screenshots. Aldert. From paul@cypherpunks.ca Sun Mar 13 12:00:29 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Sun, 13 Mar 2005 13:00:29 +0100 (CET) Subject: [OTR-users] OTR blocking? In-Reply-To: <42338E3C.2040601@gmail.com> Message-ID: On Sat, 12 Mar 2005, alex323 wrote: > Is there a chance that AIM/ICQ can filter out OTR messages (messages > what start with "?OTR") all together? Yes, they can. And OTR could play hide and seek, but it would probably be a good time to dump AIM/ICQ completely when that happens. Paul From paul@cypherpunks.ca Sun Mar 13 12:10:46 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Sun, 13 Mar 2005 13:10:46 +0100 (CET) Subject: [OTR-users] Custom OTR replies In-Reply-To: Message-ID: On Sat, 12 Mar 2005, Gregory Maxwell wrote: > It would be good if OTR had an option to discard cleartext IMs and > reply with a customizable string, perhaps something like this: I guess you can sort of do that by setting the default OTR setting to 'require private messaging'. Paul From paul@cypherpunks.ca Sun Mar 13 12:21:53 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Sun, 13 Mar 2005 13:21:53 +0100 (CET) Subject: [OTR-users] otr proxy In-Reply-To: Message-ID: On Sat, 12 Mar 2005, Gregory Maxwell wrote: > One of my not-yet-otr-using-friends runs some curses AIM client... > > He's trying to use OTRproxy, ... but it turns out that otr proxy > expects an X server.. > That isn't going to work for him. Really? There is no way to disable the GUI and therefor the need for the X server? Paul From ian@cypherpunks.ca Sun Mar 13 14:34:19 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Sun, 13 Mar 2005 09:34:19 -0500 Subject: [OTR-users] otr proxy In-Reply-To: References: Message-ID: <20050313143419.GK980@smtp.paip.net> On Sun, Mar 13, 2005 at 01:21:53PM +0100, Paul Wouters wrote: > Really? There is no way to disable the GUI and therefor the need for the X > server? In 0.2.0? There really isn't. That should exist before 1.0.0, though. The UI was intentionally designed to be well-separated from the main proxy code, so that you could plug in X / curses / whatever easily. Someone just needs to write the curses (or even just textmode) UI... - Ian From ian@cypherpunks.ca Sun Mar 13 14:31:29 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Sun, 13 Mar 2005 09:31:29 -0500 Subject: [OTR-users] OTR on Mac OS X. In-Reply-To: <20050313071755.GL18729@math.umd.edu> References: <20050313013506.GV18729@math.umd.edu> <20050313071755.GL18729@math.umd.edu> Message-ID: <20050313143129.GJ980@smtp.paip.net> On Sun, Mar 13, 2005 at 02:17:55AM -0500, Daniel Carrera wrote: > I have a question: Does the proxy also provide a GUI for key management? So she can > verify fingerprints and all? If so, how would she get to that GUI ? Yes. It's under Edit->Preferences. You get the UI which has the OTR preferences and the list of keys. - Ian From patrick.luby@planamesa.com Sun Mar 13 19:46:03 2005 From: patrick.luby@planamesa.com (Patrick Luby) Date: Sun, 13 Mar 2005 11:46:03 -0800 Subject: [OTR-users] Mac OS X Jaguar support? Message-ID: <4234987B.7020302@planamesa.com> I just downloaded OTR and tried to run it on Jaguar. Not suprisingly, it wouldn't start due to dyld's inability to find /usr/lib/libiconv.2.dylib. I assume OTR is compiled on Panther. Is there any hope that future releases will be compiled on Jaguar? FYI. I use Jaguar because I release open source software and in order to support both Jaguar and Panther, I need to compile it on Jaguar. Thanks, Patrick -- _________________________________________________________________ Patrick Luby Planamesa Software patrick.luby@planamesa.com http://www.planamesa.com _________________________________________________________________ From ian@cypherpunks.ca Mon Mar 14 02:32:07 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Sun, 13 Mar 2005 21:32:07 -0500 Subject: [OTR-users] Mac OS X Jaguar support? In-Reply-To: <4234987B.7020302@planamesa.com> References: <4234987B.7020302@planamesa.com> Message-ID: <20050314023207.GP980@smtp.paip.net> On Sun, Mar 13, 2005 at 11:46:03AM -0800, Patrick Luby wrote: > I just downloaded OTR and tried to run it on Jaguar. > > Not suprisingly, it wouldn't start due to dyld's inability to find > /usr/lib/libiconv.2.dylib. > > I assume OTR is compiled on Panther. Is there any hope that future > releases will be compiled on Jaguar? > > FYI. I use Jaguar because I release open source software and in order to > support both Jaguar and Panther, I need to compile it on Jaguar. I don't know if Nikita has access to Jaguar. Nikita? Alternately, have you tried building it yourself? You'll need to install wxMac 2.5.x, and the bits to make an OSX package, which Nikita should have. - Ian From paul@cypherpunks.ca Mon Mar 14 10:34:18 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Mon, 14 Mar 2005 11:34:18 +0100 (CET) Subject: [OTR-users] Mac OS X Jaguar support? In-Reply-To: <20050314023207.GP980@smtp.paip.net> Message-ID: On Sun, 13 Mar 2005, Ian Goldberg wrote: > Alternately, have you tried building it yourself? You'll need to > install wxMac 2.5.x, and the bits to make an OSX package, which Nikita > should have. Those bits should go into packaging/macosx/ Paul, who only has Panther too From rabbi@abditum.com Mon Mar 14 15:46:42 2005 From: rabbi@abditum.com (Len Sassaman) Date: Mon, 14 Mar 2005 07:46:42 -0800 (PST) Subject: [OTR-users] Mac OS X Jaguar support? In-Reply-To: References: Message-ID: On Mon, 14 Mar 2005, Paul Wouters wrote: > Those bits should go into packaging/macosx/ > > Paul, who only has Panther too You should be able to build for Jaguar using the Jaguar-specific SDKs (an optional install with XCode.) From GPowers@douglas.co.us Tue Mar 15 20:00:00 2005 From: GPowers@douglas.co.us (Gregg Powers) Date: Tue, 15 Mar 2005 13:00:00 -0700 Subject: [OTR-users] YIM Message-ID: This is a MIME message. If you are reading this text, you may want to consider changing to a mail reader or gateway that understands how to properly handle MIME multipart messages. --=__PartF3D08BD0.0__= Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Does OTR support Yahoo Instant Messenger? --=__PartF3D08BD0.0__= Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Description: HTML
Does OTR support Yahoo Instant Messenger?
 
 
--=__PartF3D08BD0.0__=-- From alex323@gmail.com Tue Mar 15 21:53:12 2005 From: alex323@gmail.com (alex323) Date: Tue, 15 Mar 2005 16:53:12 -0500 Subject: [OTR-users] YIM In-Reply-To: References: Message-ID: <42375948.800@gmail.com> This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7397C27105D5716752986511 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit OTR is mearly a protocol that is used over other protocols such as AIM, YIM, MSN, Jabber and all the other protocols gaim supports. Think of OTR as Russian. You can speak it on any protocol like AIM and nobody knows what you are saying :) Hope that clarifies it. - Alex Gregg Powers wrote: > Does OTR support Yahoo Instant Messenger? --------------enig7397C27105D5716752986511 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) iQIVAwUBQjdZTk3+w3whDn4gAQLaehAApJIqLMr06rv61dyYgojan13Mp8OR5U2R 5EIqdfnX06NW5MCh0DzE0hJupCthjfEu5zTl5Yn0d3k1+SfDOMJeEmsS4cuMrnxk NiSU/OdJrysKhSkBh2NDNw0LvwZgQ+QEv0S506yXSeqaLY3Y8r6JmT//gy9Zk1Y9 kQ/WO0aNZww6sjtUEFYxqh+LIRkFMzVfNmW+C7yNUIUHMY2iNPsxnMfUIyotGLfa srJcADZaljKzokX/uuJzgq6Ou5xUGIcrdUQs/JjMFLZqq1Bff4ARJZf9EfjCSl9V 4LV4ZlOZc+40sM4iaSecnozOyHSyQqwzGVmtagrXqQwDl8onhmva+wj5J0y4rntf XwWCwhYm27c6BPbj5Wseiadzy3nH1Eo5FpgXQFXujMnVwsmV1ube6sId4o6u2shc fLxPV44f1dTw9gjBZB3A6niTvZmEW2ac3nD3OB6Y3br9bzZHRMMbs2cv+KFN2sas RrG1V74iV7xiL882X9spLVSBbcIED3bfvPqvAmMcHGwIbb+TJ/GyLBHw/xeB+v9a BqVrUMZE3VRT7nLHukaPaXyWRJaSBq4QzYkIKS9W/XdWwYUOQX5Nd7rosA3pVNZH fBpDqADrmDgVkNUNyoioY5pafTQ6GptqdOdd0OFx0q2bPaJtCcYnYwzHUKq9lIko 8blzCD6TbU4= =o3ja -----END PGP SIGNATURE----- --------------enig7397C27105D5716752986511-- From kat@paip.net Wed Mar 16 00:58:30 2005 From: kat@paip.net (Kat Hanna) Date: Tue, 15 Mar 2005 19:58:30 -0500 (EST) Subject: [OTR-users] YIM In-Reply-To: References: Message-ID: On Tue, 15 Mar 2005, Gregg Powers wrote: > Does OTR support Yahoo Instant Messenger? If you're using gaim as your client, otr works over the yahoo IM network. There have been problems reported with very long messages (in the 1K range). This stems from otr overhead that's added to the message that you type. Note that every network has this max message size issue. A future version of lib-otr should handle fragmentation of long messages, which will solve this problem. If you don't use gaim, you're currently out of luck. The localhost proxy only works on the AIM/ICQ network right now. -Kat From batshua@rm-f.net Fri Mar 18 20:18:46 2005 From: batshua@rm-f.net (Batshua) Date: Fri, 18 Mar 2005 15:18:46 -0500 Subject: [OTR-users] Augh! Message-ID: Uhm, hi. My name is Batshua and I just broke my AIM. I am running otrproxy 0.2.0 on an oldschool [400 mHz] PowerBook G4 running OS X 10.3.8. AIM is not playing nicely with otrproxy like I asked it to. All of a sudden it's unexpectedly quitting. I was thinking of trying to edit the plist file to make the proxy work differently in hopes that it would make AIM behave. I'm reading through the otr mailing list archives right now. Has this happened to anyone? Any suggestions? Thanks! From batshua@rm-f.net Fri Mar 18 20:28:02 2005 From: batshua@rm-f.net (Batshua) Date: Fri, 18 Mar 2005 15:28:02 -0500 Subject: [OTR-users] Augh! Addendum Message-ID: <580b68dafc225e29b61f936bbf890977@rm-f.net> Silly me! I forgot to mention I told AIM to use SOCKS5. Should I have told it something else instead? Batshua, who is apparently quite flustered at the moment From kat@paip.net Fri Mar 18 21:01:57 2005 From: kat@paip.net (Kat Hanna) Date: Fri, 18 Mar 2005 16:01:57 -0500 (EST) Subject: [OTR-users] Augh! Addendum In-Reply-To: <580b68dafc225e29b61f936bbf890977@rm-f.net> References: <580b68dafc225e29b61f936bbf890977@rm-f.net> Message-ID: On Fri, 18 Mar 2005, Batshua wrote: > Silly me! I forgot to mention I told AIM to use SOCKS5. Should I have > told it something else instead? Which AIM client are you using? iChat? If so, the you should be using HTTP on port 8080. AOL's AIM client? I think you may be the first person we've heard of using it. If that's the case, I'd suggest trying HTTPS on 8080, as well. [Are you aware that the beta release of Adium X has OTR support built in? I don't know how married you are to your client.] Do let us know what happens. -Kat From swimmerooo@yahoo.com Mon Mar 21 21:13:48 2005 From: swimmerooo@yahoo.com (Ryan R. Matt) Date: Mon, 21 Mar 2005 13:13:48 -0800 (PST) Subject: [OTR-users] gaim-otr plugin Message-ID: <20050321211348.35653.qmail@web40828.mail.yahoo.com> Hello, I am using Mandrake 10.1 so I downloaded the source files and compiled them. I installed libotr.2.0.1 without any problems. I followed the readme's advice and downloaded and installed pkg-config 0.15 with any problems. Then I downloaded and compiled gaim-otr. So far no problem. It installs in the proper directories (/usr/lib/gaim) and I copy it to ~/.gaim and ~/.gaim/plugins as per the README file. I then opened up gaim and opened up the preferences menu and selected the plugins menu. while searching the menu i cannot find the Gaim-OTR plugin listed. I don't know what other information to provide because i'm not really sure what the problem is, i.e., I even rebooted the system and logged in and still no luck with getting gaim to register the plugin. I have gaim-encryption right now, but my friend said that OTR was better. I have gaim-devel installed as well. My gaim verision is 1.2.0. Any advice would be greately appreciated. Thank you for your courtesies. Sincerely, Ryan __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ From ian@cypherpunks.ca Mon Mar 21 21:16:48 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 21 Mar 2005 16:16:48 -0500 Subject: [OTR-users] gaim-otr plugin In-Reply-To: <20050321211348.35653.qmail@web40828.mail.yahoo.com> References: <20050321211348.35653.qmail@web40828.mail.yahoo.com> Message-ID: <20050321211648.GM26798@smtp.paip.net> On Mon, Mar 21, 2005 at 01:13:48PM -0800, Ryan R. Matt wrote: > I don't know what other information to provide because > i'm not really sure what the problem is, i.e., I even > rebooted the system and logged in and still no luck > with getting gaim to register the plugin. It sounds like gaim-otr isn't finding a library it needs. Try running gaim with the "-d" option, and see what it tells you. Also try "ldd /usr/lib/gaim/gaim-otr.so". - Ian From swimmerooo@yahoo.com Mon Mar 21 21:48:10 2005 From: swimmerooo@yahoo.com (Ryan R. Matt) Date: Mon, 21 Mar 2005 13:48:10 -0800 (PST) Subject: [OTR-users] gaim-otr plugin In-Reply-To: 6667 Message-ID: <20050321214810.22263.qmail@web40826.mail.yahoo.com> I owe you guys an apology for wasting your time. I looked back on my commands and I configured the library with the wrong prefix directory. Sorry for wasting your time. Thank you for your patience. --- IaIn Goldberg wrote: > On Mon, Mar 21, 2005 at 01:13:48PM -0800, Ryan R. > Matt wrote: > > I don't know what other information to provide > because > > i'm not really sure what the problem is, i.e., I > even > > rebooted the system and logged in and still no > luck > > with getting gaim to register the plugin. > > It sounds like gaim-otr isn't finding a library it > needs. Try running > gaim with the "-d" option, and see what it tells > you. Also try > "ldd /usr/lib/gaim/gaim-otr.so". > > - Ian > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > Ryan R. Matt 300 Western Ave. Apt. #A24 Lansing, MI 48917 517.487.9207 315.404.1594 (cell) ________________________________________________________________________ "If you truly believe, then you will find a way to achieve" "When the window of opportunity closes on you, simply go through the door." "What the mind believes, the body achieves!" ~unknown __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ From michael.wright@janusresearch.com Tue Mar 22 15:19:11 2005 From: michael.wright@janusresearch.com (Michael F. Wright) Date: Tue, 22 Mar 2005 10:19:11 -0500 Subject: [OTR-users] (no subject) Message-ID: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> Hello! I've been using OTR and GAIM for some time with great success. However, when attempting to use the OTR proxy with the AIM protocol under Trillian, it fails. I installed the binary for Win32 located at: http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe One thing I noticed that's different bahavior than is expected from the README is that, when I start otrproxy, there is no output whatsoever. The output in the README that contains the copyright statement, version, etc. does not appear until after I CLOSE the UI for otrproxy, which kills the process. When I start it up and try to connect to AIM via Trillian, it never does connect. I have tried both the SOCKS5 and the HTTP proxies on ports 1080 and 8080 respectively. Interestingly enough, when I run netstat after starting otrproxy, I do see my system listening on those ports. Any thoughts? From batshua@rm-f.net Tue Mar 22 15:42:22 2005 From: batshua@rm-f.net (Batshua) Date: Tue, 22 Mar 2005 10:42:22 -0500 Subject: [OTR-users] Okay, it's all working now. Sort of. Message-ID: Is it acceptable for me to ask for help testing OTR proxy here? [If not, just disregard this email and accept my humblest apologies.] iChat seems to be working fine. I've got AIM, iChat, and ICQ and at least for now going to test just iChat a bit further and experiment with ICQ. AIM is being too testy today. Batshua From ian@cypherpunks.ca Tue Mar 22 15:42:17 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Tue, 22 Mar 2005 10:42:17 -0500 Subject: [OTR-users] (no subject) In-Reply-To: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> References: <200503221523.j2MFMv3S004466@ded412-lin-175-12.netsonic.net> Message-ID: <20050322154217.GR26798@smtp.paip.net> On Tue, Mar 22, 2005 at 10:19:11AM -0500, Michael F. Wright wrote: > Hello! > > I've been using OTR and GAIM for some time with great success. However, when > attempting to use the OTR proxy with the AIM protocol under Trillian, it > fails. > > I installed the binary for Win32 located at: > http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe [I assume you mean the otrproxy.exe, not the gaim-otr.exe.] > One thing I noticed that's different bahavior than is expected from the > README is that, when I start otrproxy, there is no output whatsoever. The > output in the README that contains the copyright statement, version, etc. > does not appear until after I CLOSE the UI for otrproxy, which kills the > process. Aha! We had gotten another report of "no output on Win32", but this report of "doesn't show up until the UI closes" suggests that Win32 needs fflush(stdout) more than other platforms. We'll fix this in CVS. Thanks! > When I start it up and try to connect to AIM via Trillian, it never > does connect. I have tried both the SOCKS5 and the HTTP proxies on ports > 1080 and 8080 respectively. > > Interestingly enough, when I run netstat after starting otrproxy, I do see > my system listening on those ports. > > Any thoughts? We've also had other reports of this happening (intermittently; you should try again later) with Trillian. It turns out there's about to be non-trivial changes to the networking bits of the proxy, so we'll make sure to well-instrument them, so that we can figure out what's going on. One theory is that, on occasion, the AIM server just takes too long to respond, and the TCP connect times out. Somehow this isn't being reported back to Trillian (the SOCKS5 connection should close if this happens), and Trillian never retries it (which it does in the direct-connect case). Thanks again for the bug reports! - Ian From kat@paip.net Tue Mar 22 15:53:10 2005 From: kat@paip.net (Kat Hanna) Date: Tue, 22 Mar 2005 10:53:10 -0500 (EST) Subject: [OTR-users] Okay, it's all working now. Sort of. In-Reply-To: References: Message-ID: On Tue, 22 Mar 2005, Batshua wrote: > Is it acceptable for me to ask for help testing OTR proxy here? Sure. You might mention your username(s), or, if you prefer, ask for private email replies to exchange that information. > [If not, just disregard this email and accept my humblest apologies.] > > iChat seems to be working fine. I've got AIM, iChat, and ICQ and at > least for now going to test just iChat a bit further and experiment > with ICQ. AIM is being too testy today. -Kat From michael.wright@janusresearch.com Tue Mar 22 16:10:02 2005 From: michael.wright@janusresearch.com (Michael F. Wright) Date: Tue, 22 Mar 2005 11:10:02 -0500 Subject: [OTR-users] (no subject) In-Reply-To: <20050322154217.GR26798@smtp.paip.net> Message-ID: <200503221613.j2MGDm3S005609@ded412-lin-175-12.netsonic.net> > -----Original Message----- > From: Ian Goldberg [mailto:ian@cypherpunks.ca] > Sent: Tuesday, March 22, 2005 10:42 AM > To: michael.wright@janusresearch.com > Cc: otr-users@lists.cypherpunks.ca > Subject: Re: [OTR-users] (no subject) > > On Tue, Mar 22, 2005 at 10:19:11AM -0500, Michael F. Wright wrote: > > Hello! > > > > I've been using OTR and GAIM for some time with great success. > > However, when attempting to use the OTR proxy with the AIM protocol > > under Trillian, it fails. > > > > I installed the binary for Win32 located at: > > http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.1.exe > > [I assume you mean the otrproxy.exe, not the gaim-otr.exe.] Yes. I apologize for this oversight. I was in a hurry when I posted. The link I downloaded is at: http://www.cypherpunks.ca/otr/binaries/windows/otrproxy-0.2.0-2.exe :) > > > One thing I noticed that's different bahavior than is expected from > > the README is that, when I start otrproxy, there is no output > > whatsoever. The output in the README that contains the > copyright statement, version, etc. > > does not appear until after I CLOSE the UI for otrproxy, > which kills > > the process. > > Aha! We had gotten another report of "no output on Win32", > but this report of "doesn't show up until the UI closes" > suggests that Win32 needs fflush(stdout) more than other > platforms. We'll fix this in CVS. > > Thanks! No problem. > > > When I start it up and try to connect to AIM via Trillian, it never > > does connect. I have tried both the SOCKS5 and the HTTP proxies on > > ports 1080 and 8080 respectively. > > > > Interestingly enough, when I run netstat after starting > otrproxy, I do > > see my system listening on those ports. > > > > Any thoughts? > > We've also had other reports of this happening > (intermittently; you should try again later) with Trillian. > It turns out there's about to be non-trivial changes to the > networking bits of the proxy, so we'll make sure to > well-instrument them, so that we can figure out what's going on. > > One theory is that, on occasion, the AIM server just takes > too long to respond, and the TCP connect times out. Somehow > this isn't being reported back to Trillian (the SOCKS5 > connection should close if this happens), and Trillian never > retries it (which it does in the direct-connect case). > > Thanks again for the bug reports! I've used an ssh proxy in the past to circumvent firewalls and the like. By setting up a dynamic port-forwarding ssh tunnel, I've successfully connected to AIM through a SOCKS4 proxy, which the ssh tunnel builds. So, I know that other proxies work in a timely fashion from this PC. If you need any other info from me, let me know! I'm looking forward to more great code from the OTR team! > > - Ian > From paul@cypherpunks.ca Tue Mar 22 23:33:53 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Wed, 23 Mar 2005 00:33:53 +0100 (CET) Subject: [OTR-users] gaim-otr plugin In-Reply-To: <20050321214810.22263.qmail@web40826.mail.yahoo.com> Message-ID: On Mon, 21 Mar 2005, Ryan R. Matt wrote: > I owe you guys an apology for wasting your time. I > looked back on my commands and I configured the > library with the wrong prefix directory. Did you try using the src.rpm? I was curious whether the source rpm would build usable gaim-otr rpms on Mandrake. Paul From aldert@rotz.org Wed Mar 23 19:53:02 2005 From: aldert@rotz.org (Aldert J.B.P. Hazenberg) Date: Wed, 23 Mar 2005 20:53:02 +0100 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) Message-ID: <4241C91E.7080905@rotz.org> Hi Guys, I installed today AdiumX (for OSX) to test some OTR stuff and in one go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! AdiumX is the 'gaim for osx' I would say :) Perfect ! As I now have AdiumX I also needed to install OTR-proxy and I realized that OTR-proxy only supports the usage of aim/icq in AdiumX, as I like to also OTR with my jabber enabled friends : - Any schedule for when OTR-proxy will support Jabber ? - And, more long term maybe, support for all non aim/icq IM protocols ? - I also noticed that the 0.8 version of Adium will support OTR out of the box and I also wondered when this 0.8 version is due but that is better a question for the AdiumX forum I guess :) I ask this as here as it would be totally great if the behaviour for setting OTR options per 'user' would be the same in Gaim and AdiumX... Aldert. ps, OTR : http://www.cypherpunks.ca/otr/ AdiumX : http://www.adiumx.com/ Gaim : http://gaim.sourceforge.net/ From dcarrera@math.umd.edu Wed Mar 23 21:16:11 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Wed, 23 Mar 2005 16:16:11 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <4241C91E.7080905@rotz.org> References: <4241C91E.7080905@rotz.org> Message-ID: <20050323211611.GP6023@math.umd.edu> Hello Aldert, You could install the AdiumX beta and start using Jabber+OTR today. Right here: http://www.adiumx.com/beta.html I talked to one of the AdiumX developers and he says that OTR should work fine with this beta. I would be happy to help you test this. My Jabber ID is 'dcarrera@jabber.org' In turn, I would be grateful if you could write simple instructions on how to use OTR in AdiumX. I have a friend who wants to use AdiumX to talk to me with Jabber and OTR, and I'll see him later today. But I don't know how Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were thinking of trying OTR later today. So, if you could write instructions for that last part, I would be very grateful. Cheers, Daniel. On Wed, Mar 23, 2005 at 08:53:02PM +0100, Aldert J.B.P. Hazenberg wrote: > > Hi Guys, > > I installed today AdiumX (for OSX) to test some OTR stuff and in one > go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! > AdiumX is the 'gaim for osx' I would say :) Perfect ! > > As I now have AdiumX I also needed to install OTR-proxy and I realized > that OTR-proxy only supports the usage of aim/icq in AdiumX, as I like > to also OTR with my jabber enabled friends : > > - Any schedule for when OTR-proxy will support Jabber ? > > - And, more long term maybe, support for all non aim/icq IM protocols ? > > - I also noticed that the 0.8 version of Adium will support OTR out of > the box and I also wondered when this 0.8 version is due but that is > better a question for the AdiumX forum I guess :) > > I ask this as here as it would be totally great if the behaviour for > setting OTR options per 'user' would be the same in Gaim and AdiumX... > > Aldert. > > ps, OTR : http://www.cypherpunks.ca/otr/ > AdiumX : http://www.adiumx.com/ > Gaim : http://gaim.sourceforge.net/ > > > > > > > > > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From ian@cypherpunks.ca Wed Mar 23 21:22:09 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Wed, 23 Mar 2005 16:22:09 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323211611.GP6023@math.umd.edu> References: <4241C91E.7080905@rotz.org> <20050323211611.GP6023@math.umd.edu> Message-ID: <20050323212209.GU26798@smtp.paip.net> On Wed, Mar 23, 2005 at 04:16:11PM -0500, Daniel Carrera wrote: > In turn, I would be grateful if you could write simple instructions on how > to use OTR in AdiumX. I have a friend who wants to use AdiumX to talk to me > with Jabber and OTR, and I'll see him later today. But I don't know how > Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were > thinking of trying OTR later today. So, if you could write instructions for > that last part, I would be very grateful. This page is quite useful: http://chris.milbert.com/AIM_Encryption/ - Ian From ian@cypherpunks.ca Wed Mar 23 21:24:20 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Wed, 23 Mar 2005 16:24:20 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <4241C91E.7080905@rotz.org> References: <4241C91E.7080905@rotz.org> Message-ID: <20050323212420.GV26798@smtp.paip.net> On Wed, Mar 23, 2005 at 08:53:02PM +0100, Aldert J.B.P. Hazenberg wrote: > I installed today AdiumX (for OSX) to test some OTR stuff and in one > go decided to 'ditch' iChat and start using AdiumX. Boy this tool rocks! > AdiumX is the 'gaim for osx' I would say :) Perfect ! > > As I now have AdiumX I also needed to install OTR-proxy and I realized > that OTR-proxy only supports the usage of aim/icq in AdiumX, In fact, otrproxy only supports aim/icq at all at the moment. > as I like > to also OTR with my jabber enabled friends : > > - Any schedule for when OTR-proxy will support Jabber ? It's the next protocol on the list. Largely because (a) it actually has a spec, and (b) iChat's next version will apparently support it. > - And, more long term maybe, support for all non aim/icq IM protocols ? Love to. We welcome submissions of protocol implementations. ;-) - Ian From dcarrera@math.umd.edu Wed Mar 23 21:40:51 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Wed, 23 Mar 2005 16:40:51 -0500 Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323212420.GV26798@smtp.paip.net> References: <4241C91E.7080905@rotz.org> <20050323212420.GV26798@smtp.paip.net> Message-ID: <20050323214050.GR6023@math.umd.edu> Ian Goldberg wrote: > > - Any schedule for when OTR-proxy will support Jabber ? > > It's the next protocol on the list. Largely because (a) it actually has > a spec, and (b) iChat's next version will apparently support it. And also because Jabber's so cool? :-) One thing I really like about Jabber is that it keeps your IP address private. I can use OTR to AIM someone and a third party won't know what I said. But they can still see my IP address. If I could use OTR with Jabber I would also get that extra level of anonimity. Cheers, -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From kat@paip.net Wed Mar 23 22:08:53 2005 From: kat@paip.net (Kat Hanna) Date: Wed, 23 Mar 2005 17:08:53 -0500 (EST) Subject: [OTR-users] OTR-proxy support voor non aim/icq ? (I like to Jabber with OTR using AdiumX) In-Reply-To: <20050323212209.GU26798@smtp.paip.net> References: <4241C91E.7080905@rotz.org> <20050323211611.GP6023@math.umd.edu> <20050323212209.GU26798@smtp.paip.net> Message-ID: On Wed, 23 Mar 2005, Ian Goldberg wrote: > On Wed, Mar 23, 2005 at 04:16:11PM -0500, Daniel Carrera wrote: > > In turn, I would be grateful if you could write simple instructions on how > > to use OTR in AdiumX. I have a friend who wants to use AdiumX to talk to me > > with Jabber and OTR, and I'll see him later today. But I don't know how > > Adium X does OTR. He can already talk to me using Jabber on AdiumX. We were > > thinking of trying OTR later today. So, if you could write instructions for > > that last part, I would be very grateful. > > This page is quite useful: > > http://chris.milbert.com/AIM_Encryption/ I've added a link to this on the OTR page. If anyone wants to put together detailed install instructions with screenshots for gaim-otr and/or the proxy on Windows or Linux, send 'em along and I'll put them up. -Kat From bean62@hotmail.com Thu Mar 24 15:39:40 2005 From: bean62@hotmail.com (ben k) Date: Thu, 24 Mar 2005 10:39:40 -0500 Subject: [OTR-users] OTR : session setup messages, issue. Message-ID: I'm new to OTR and new to this list. First, thanks for a great plugin. I use Gaim 1.2.0 on Win XP Pro. I encouraged many folks from my office to use your plugin so that the admin folks can't track what's being said all day long, and I think the plugin is great. The issue I'm having is minor, in that it only happens during the setup of a session with someone and goes away after the private session is established, but I wanted to see if I have something setup incorrectly, etc. When I first sent a message this morning to someone, the OTR: status was Not Private (hadn't yet established...). I didn't click on the button, I just sent a message. Here's what happened: (10:34:56) MY_ID: test (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was expecting encrypted messages from you. (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who was expecting encrypted messages from you. (10:34:57) PERSON_X: ?OTR:AAEKAQAAAICT0SdyQU0VUKURAezGa5X91P8+mRB49+JClYU/F12PyF1U0GLIrP+tLVNpU/ROWS7UPICg7JKq2isxExj9oVWXs4+DOj550F6L889q9OclnIAYICMKoEYOdcYZhgx8ggSwzQjkEC3sm5AK4FAeirol0t/oy3NvvXYVsnBMeUc/RwAAABTGEjr7IVCNwazxlqGYO6DsC7IaUQAAAIAllBf3s4Fx1l+dCSeviXZtqgvqNn28XHJg7bCTbI+4Ue1IzNU2bEsakZd9f8vR6D87UN7/RY82+6CMN+0Dj4jMh4Zt55eXSsPeZsdld5B5VA7nep4SbdknOnS5bPZM+helRxg5rrSZEWwjurqVn4znNW2UQ4zWORqsLLuxRh+PAQAAAIBHvN7dlwBELr03kSaIGG/RCFK50aM3c7J3/P0cYkVV04sBmwfyaP5AsAQTkAph3WcKBaWe5Ur56xqR/CpctrGNcspMzLs1vaiAnx414wFRFTPyDKKb8ydt9ibcsBmKrDOZnL2L/uEx2CBFdaTAikg7ObSH0gBpaj533UloNGwsBAAAAAIAAADAB+w7O8eENXkxOqKlkwWzdwokXCeGI7iNECrhwytMQmhXs9V4e0aQwvukf/Cm0IcMy2OcByuz2AZL6nfl29GeaLMuwuqZEY4AIDlGVPsGCxSTXfpFImVracQTXHgFh7SNCcZwc3m0Gn0Xw7LpCmpAY6bUCzf5pCeW17UdL3FNUYVoPEkZCkIZ1PSEg0NARlWobarItyAG5JidV6WBMwhqj+AZwte26Cyr6lJZMWUKYnf2G4MgM5hCwQb9dTYRb794ofn2lHB9FLoX5OjaDNSDUI6PD2BlYkZ7XAZ4z19mM7Mb2qC+XZQHvg==. The last message is really what I'm concerned about. I also get that ?OTR: message when I click on the button to establish the connection. Any thoughts on whether or not I should do something differently? Thanks again for providing this program/plugin. And thanks in advance for any suggestions or comments. -ben _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfeeŽ Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 From ian@cypherpunks.ca Thu Mar 24 16:03:27 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Thu, 24 Mar 2005 11:03:27 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: References: Message-ID: <20050324160327.GI26798@smtp.paip.net> On Thu, Mar 24, 2005 at 10:39:40AM -0500, ben k wrote: > I'm new to OTR and new to this list. First, thanks for a great plugin. I > use Gaim 1.2.0 on Win XP Pro. I encouraged many folks from my office to > use your plugin so that the admin folks can't track what's being said all > day long, and I think the plugin is great. > > The issue I'm having is minor, in that it only happens during the setup of > a session with someone and goes away after the private session is > established, but I wanted to see if I have something setup incorrectly, > etc. When I first sent a message this morning to someone, the OTR: status > was Not Private (hadn't yet established...). I didn't click on the button, > I just sent a message. Here's what happened: > > (10:34:56) MY_ID: test > (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was > expecting encrypted messages from you. > (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who > was expecting encrypted messages from you. > (10:34:57) PERSON_X: > ?OTR:AAEKAQAAAICT0SdyQU0VUKURAezGa5X91P8+mRB49+JClYU/F12PyF1U0GLIrP+tLVNpU/ROWS7UPICg7JKq2isxExj9oVWXs4+DOj550F6L889q9OclnIAYICMKoEYOdcYZhgx8ggSwzQjkEC3sm5AK4FAeirol0t/oy3NvvXYVsnBMeUc/RwAAABTGEjr7IVCNwazxlqGYO6DsC7IaUQAAAIAllBf3s4Fx1l+dCSeviXZtqgvqNn28XHJg7bCTbI+4Ue1IzNU2bEsakZd9f8vR6D87UN7/RY82+6CMN+0Dj4jMh4Zt55eXSsPeZsdld5B5VA7nep4SbdknOnS5bPZM+helRxg5rrSZEWwjurqVn4znNW2UQ4zWORqsLLuxRh+PAQAAAIBHvN7dlwBELr03kSaIGG/RCFK50aM3c7J3/P0cYkVV04sBmwfyaP5AsAQTkAph3WcKBaWe5Ur56xqR/CpctrGNcspMzLs1vaiAnx414wFRFTPyDKKb8ydt9ibcsBmKrDOZnL2L/uEx2CBFdaTAikg7ObSH0gBpaj533UloNGwsBAAAAAIAAADAB+w7O8eENXkxOqKlkwWzdwokXCeGI7iNECrhwytMQmhXs9V4e0aQwvukf/Cm0IcMy2OcByuz2AZL6nfl29GeaLMuwuqZEY4AIDlGVPsGCxSTXfpFImVracQTXHgFh7SNCcZwc3m0Gn0Xw7LpCmpAY6bUCzf5pCeW17UdL3FNUYVoPEkZCkIZ1PSEg0NARlWobarItyAG5JidV6WBMwhqj+AZwte26Cyr6lJZMWUKYnf2G4MgM5hCwQb9dTYRb794ofn2lHB9FLoX5OjaDNSDUI6PD2BlYkZ7XAZ4z19mM7Mb2qC+XZQHvg==. > > > The last message is really what I'm concerned about. I also get that ?OTR: > message when I click on the button to establish the connection. Any > thoughts on whether or not I should do something differently? > > Thanks again for providing this program/plugin. And thanks in advance for > any suggestions or comments. You seem to be seeing protocol messages that are received by the plugin, even though the plugin marks them as "don't display this message to the user". > (10:34:57) OTR Error: You sent unencrypted data to PERSON_X, who was > expecting encrypted messages from you. > (10:34:57) PERSON_X: ?OTR Error: You sent unencrypted data to PERSON_X, who > was expecting encrypted messages from you. The first message was output by the OTR plugin. The second is the raw protocol message, which you're for some reason seeing, when you shouldn't be. Similarly, when your plugin received the OTR error message, it sent a Key Exchange message to PERSON_X. His client replied with a Key Exchange message (with the Reply bit set to 1, which it is in the above message). Your client accepted the Key Exchange Message, but *also* displayed it. I'm wondering if this is a bug in gaim 1.2.0. Could you possibly temporarily downgrade to 1.1.4 and see if it still happens? [Is anyone else on this list running gaim-otr with gaim 1.2.0?] Are you running any other gaim plugins that might be interacting with message delivery/display? Thanks, - Ian From bean62@hotmail.com Thu Mar 24 16:25:51 2005 From: bean62@hotmail.com (ben k) Date: Thu, 24 Mar 2005 11:25:51 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: <20050324160327.GI26798@smtp.paip.net> Message-ID: >Are you running any other gaim plugins that might be interacting with >message delivery/display? That was the issue. Thanks for your prompt response. After reading this, I noticed I still had the gaim-encryption plugin enabled. I disabled it, shutdown-and-restarted gaim, and tried again and OTR worked perfectly. The gaim-encryption plugin was interfering, I suppose. Thanks again, working perfectly now. -ben _________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar – get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ From ian@cypherpunks.ca Thu Mar 24 20:33:18 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Thu, 24 Mar 2005 15:33:18 -0500 Subject: [OTR-users] OTR : session setup messages, issue. In-Reply-To: References: <20050324160327.GI26798@smtp.paip.net> Message-ID: <20050324203318.GJ26798@smtp.paip.net> On Thu, Mar 24, 2005 at 11:25:51AM -0500, ben k wrote: > > >Are you running any other gaim plugins that might be interacting with > >message delivery/display? > > That was the issue. Thanks for your prompt response. After reading this, > I noticed I still had the gaim-encryption plugin enabled. I disabled it, > shutdown-and-restarted gaim, and tried again and OTR worked perfectly. The > gaim-encryption plugin was interfering, I suppose. > > Thanks again, working perfectly now. It's a fair cop, though; you shouldn't have seen that message. I've checked in a fix for the next version. Here's the ChangeLog entry: * otr-plugin.c (process_receiving_im): If libotr tells us to ignore this received message (because it's an internal protocol message), it's not enough just to return 1 from this function, since other plugins that catch receiving-im-msg may later return 0, and gaim only checks the return value from the last such plugin. So we additionally set the message to NULL. That's unexpected behaviour from gaim, if you ask me, but it was easy enough to work around. gaim-otr 2.0.2 will not display the internal protocol messages just because you've got another plugin running. Thanks for the detailed bug report! - Ian From adam_zimmerman@ezrs.com Thu Mar 24 23:57:49 2005 From: adam_zimmerman@ezrs.com (Adam Zimmerman) Date: Thu, 24 Mar 2005 15:57:49 -0800 Subject: [OTR-users] Need someone to test OTR with for screenshots Message-ID: <1111708669.6212.7.camel@localhost> Hi all. First of all of course, many thanks to the developers for an awesome plugin. In response to Kat's request, I'm doing an install and setup guide for gaim-otr on debian. I've gotten all the screenshots I need, except one, of an actual conversation with the OTR: Private button. If someone would be so kind as to IM me and help me test OTR and get my last screenshot too, I'd be very grateful. I'm climbingsfun (Fingerprint: D5C0A99C 41618EAA 4135CA75 98B23A3B CA1BD1CA) on AIM. Thanks. -- Adam Zimmerman CREATIVITY - http://tinyurl.com/3oxgw ALWAYS - http://randomfoo.net/oscon/2002/lessig/ BUILDS - http://www.theopencd.org/ ON THE PAST - http://free-culture.org/freecontent/ -- Modesty is a vastly overrated virtue. -- J.K. Galbraith From aldert@rotz.org Fri Mar 25 00:13:00 2005 From: aldert@rotz.org (Aldert J.B.P. Hazenberg) Date: Fri, 25 Mar 2005 01:13:00 +0100 Subject: [OTR-users] Need someone to test OTR with for screenshots In-Reply-To: <1111708669.6212.7.camel@localhost> References: <1111708669.6212.7.camel@localhost> Message-ID: <4243578C.4040204@rotz.org> Adam Zimmerman wrote: > except one, of an actual conversation with the OTR: Private button. If > someone would be so kind as to IM me and help me test OTR and get my > last screenshot too, I'd be very grateful. > Grin. I was only number three to ping Adam. :) :) :) Aldert. From Jed Hassell Mon Mar 28 05:52:14 2005 From: Jed Hassell (Jed Hassell) Date: Mon, 28 Mar 2005 00:52:14 -0500 Subject: [OTR-users] Ignored Messages Message-ID: I'm a student at the University of Georgia and I'm currently working on a project for one of my classes which requires me to be able to send messages through the AOL network which will be ignored by all clients except for the one that I am implementing. I am assuming that there is a way to do this sense programs like gaim and trillian send messages back and forth that are ignored by outside clients (encryption setup). Does anyone on this mailing that has any idea how to do this. I am using java 5.0 and am altering the simpleaim program found on sourceforge. Thanks in advance for the help. Jed From jcohen07@brandeis.edu Mon Mar 28 07:48:39 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 02:48:39 -0500 Subject: [OTR-users] Is there any way to increase key sizes or a plan to include this feature? Message-ID: <4247B6D7.3010903@brandeis.edu> This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigABF1989C5905996A5B8CD593 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit 1024 bit DH & DSA keys are of questionable strength. It is quite possible that over the next 5-10 years a realistic attack against such keys will become possible. Although OTR provides perfect forward security, it can't prevent a brute force attack. Is there a way to increase the size of the DH parameter to 2048 bits or to use a 2048 bit RSA signature key? --------------enigABF1989C5905996A5B8CD593 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iQIVAwUBQke23QT9Agfn8ns8AQLSOA//XN5MoywlmM6kJIkuUC8N8aKIO80ocBmn /QAklI1Rf9eXUV2z2GTetR/kWfes2ZXsDDP+cw40TdPfuTtUi+9cQpvZMg9AZ0gF LtWoS+h9Tw4LWXF4NfilTisYkwjhMTYlha4ykSrCqzmTBKMK8/TURFeU/Carmcxx flu4qTz59TPEVwgpxfajWUU8u2i2aaCsaAa4WdYALGEDDArlmRgqokJvL0AAYott k/s3vPNPTMKM5THN+fbc36dadYVFKz6NtU/JSTBTeI4LK5bJawWxWYiHUqQKz9VO LIau81vxjXqo83sRJKhsyOT+QfRpzJDmDvrhbEwXPlJyEHI2AOnVfMQJANC+9kGQ c+Twe8tkuMDXeU8ndjdXUtSVTswMTbbfk/aQOz4Y469VkNcirZRloM7Mib8exatd umAlTfQcS2KVlZBBzCsYC6gNwpCbon2iOoCHKpizd8YhsIjEvluJeJZo7sPoBP3d d7HhYQiASrRIqBiJHFO+ZvDaLh+/zaHZzkQ4rWDc3GspyLR0YYNdaGe2uZ66Xxwd oL+0liEXisFVf91FNluW1Fx9Lv2RRlyvE6t9zJ5ueG9BNY0KCHY1vVrXfeCzxpRV JylWiHFPd5V5AcqCLVwmUKcplkdVOYHSVPhqU0EWf6ODV5HDk45kINLdBOu/4EOZ AEkk/I9oQiI= =xloR -----END PGP SIGNATURE----- --------------enigABF1989C5905996A5B8CD593-- From jcohen07@brandeis.edu Mon Mar 28 09:16:53 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:16:53 -0500 Subject: [OTR-users] DH modulus size & RSA keys Message-ID: <4247CB85.3040506@brandeis.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Upon reading the Protocol Description paper I found I was incorrect about the DH modulus size (It's 1536 bits rather than 1000). However, I would still like to use a 2048 bit modulus which is the currently recommended size. Is this possible? I also saw a great deal of discussion on the developer's mailing list about allowing the use of RSA signing keys in addition to DSS. Are RSA signing keys currently allowed? If so, how would I go about increasing the size to 2048 bits? Jason -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iQIVAwUBQkfLhAT9Agfn8ns8AQoXpg//ZWvPueCRMRwptMwVXnoM0rKKY4F294QC l5kAJgEKQUNEL1c8GnAEwTa7P6xrTIUe1tvrwZ3YFf6oiqYJY39sLtvWF68aBElZ l8bD8p4JVyQe2r84SnsUs4S3ZD9VaxDTHO+a4fLQPoQZqKgvwcTCBNHHbBIv2k4n FMAqkTgG8qqQneNJxUZUE5LeQWYFj8//Jqc9hVtQVUe5jxT7tOAOcrXv1BXWljPn JBxtbhj0iDXKg18UXuerLUmCoDL1D+Ubu8nTvPHph6+ej4DaNm1gHVN03PXAnXzP 2zV2hYd1z/vKJR15pKFieauzUzrSuQYMrYtKNWbEdBRSGb6CLeOXncwyEEY1ixws Byfo24AX3nusN2SZaeSZ9q7+JOAKj2AwcbcGJCg3WOBEvnc/YWcsqrgYopWv0lFx MInk/qLObaea9HyJRBxkXIx7P54g2NoLwlu6JIWQ7kvF2cBsAsO9FeC7qVafaswH K1kMql/dLjE5R1kyRH4NyOrKN7fz7QV2vcoQ99ICONcRBa7VGnpaBsVfwCcy3JJt NUZQslogZYrrpOrPM9UKLiRThY1bsfSY8HJq7pwOJuh+gXCPjx307K35cxvx8GiI P7BRJ/Wy1HMoOIvwFYO21CUTIqXpM7LBtxmW9Kx5fa8f8kxoXyojAhztDrHKcBal HlbO2B4lgkE= =FOWq -----END PGP SIGNATURE----- From jcohen07@brandeis.edu Mon Mar 28 09:18:19 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:18:19 -0500 Subject: [OTR-users] DH modulus size & RSA keys Message-ID: <4247CBDB.6090906@brandeis.edu> Upon reading the Protocol Description paper I found I was incorrect about the DH modulus size (It's 1536 bits rather than 1000). However, I would still like to use a 2048 bit modulus which is the currently recommended size. Is this possible? I also saw a great deal of discussion on the developer's mailing list about allowing the use of RSA signing keys in addition to DSS. Are RSA signing keys currently allowed? If so, how would I go about increasing the size to 2048 bits? Jason From jcohen07@brandeis.edu Mon Mar 28 09:18:46 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 04:18:46 -0500 Subject: [OTR-users] Where are the OTR-Private and OTR-Not Private buttons stored? Message-ID: <4247CBF6.3040102@brandeis.edu> I would like to replace the default text "OTR-Private" and "OTR-Not Private" buttons with something that more clearly shows the status of the connection. Gaim-Encrypt's button shows a red lock icon for encrypted communications and a unlocked grey icon for unencrypted conversations (or a green unlocked icon if encryption is available but not used). I was thinking of replicating this for OTR but instead of using Tx;Secure and Rx:secure I would simply have the text say "OTR:Secure" and "OTR:Insecure". However, I can't seem to find the location of OTR's button? Anyone know where I can find it, or the name of the file so i can search for it? Here's a screenshot of what the gaim-encrypt icons look like: http://gaim-encryption.sourceforge.net/conversation.html Jason From ian@cypherpunks.ca Mon Mar 28 13:53:47 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:53:47 -0500 Subject: [OTR-users] Where are the OTR-Private and OTR-Not Private buttons stored? In-Reply-To: <4247CBF6.3040102@brandeis.edu> References: <4247CBF6.3040102@brandeis.edu> Message-ID: <20050328135347.GC30200@smtp.paip.net> On Mon, Mar 28, 2005 at 04:18:46AM -0500, Jason Cohen wrote: > I would like to replace the default text "OTR-Private" and "OTR-Not > Private" buttons with something that more clearly shows the status of > the connection. Gaim-Encrypt's button shows a red lock icon for > encrypted communications and a unlocked grey icon for unencrypted > conversations (or a green unlocked icon if encryption is available but > not used). I was thinking of replicating this for OTR but instead of > using Tx;Secure and Rx:secure I would simply have the text say > "OTR:Secure" and "OTR:Insecure". However, I can't seem to find the > location of OTR's button? Anyone know where I can find it, or the name > of the file so i can search for it? > > Here's a screenshot of what the gaim-encrypt icons look like: > http://gaim-encryption.sourceforge.net/conversation.html The button is constructed in gtk-dialog.c (dialog_update_label_conv). The "icon" idea is actually on our todo list; I would personally prefer something more akin to whispering vs. shouting than a lock (since OTR provides private, not just encrypted, conversations), but I certainly don't have the art-fu to draw those. [But for the same reason, the text should say "Private", not "Secure".] - Ian From ian@cypherpunks.ca Mon Mar 28 13:56:34 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:56:34 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <4247CBDB.6090906@brandeis.edu> References: <4247CBDB.6090906@brandeis.edu> Message-ID: <20050328135634.GD30200@smtp.paip.net> On Mon, Mar 28, 2005 at 04:18:19AM -0500, Jason Cohen wrote: > Upon reading the Protocol Description paper I found I was incorrect > about the DH modulus size (It's 1536 bits rather than 1000). However, I > would still like to use a 2048 bit modulus which is the currently > recommended size. Is this possible? > > I also saw a great deal of discussion on the developer's mailing list > about allowing the use of RSA signing keys in addition to DSS. Are RSA > signing keys currently allowed? If so, how would I go about increasing > the size to 2048 bits? In this version of the protocol, the only key exchange method defined is DSA, and the only key agreement is 1536-bit DH. This may change in a later version, at the cost of incompatibility with clients that don't understand it. - Ian From ian@cypherpunks.ca Mon Mar 28 13:59:29 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 08:59:29 -0500 Subject: [OTR-users] Ignored Messages In-Reply-To: References: Message-ID: <20050328135929.GE30200@smtp.paip.net> On Mon, Mar 28, 2005 at 12:52:14AM -0500, Jed Hassell wrote: > I'm a student at the University of Georgia and I'm currently working > on a project for one of my classes which requires me to be able to > send messages through the AOL network which will be ignored by all > clients except for the one that I am implementing. I am assuming that > there is a way to do this sense programs like gaim and trillian send > messages back and forth that are ignored by outside clients > (encryption setup). Does anyone on this mailing that has any idea how > to do this. I am using java 5.0 and am altering the simpleaim program > found on sourceforge. Thanks in advance for the help. OTR doesn't actually do this; rather than sending messages that will be ignored by clients that don't speak OTR, it first detects whether the other client speaks OTR, and if so, only then sends the message. As far as I understand, Trillian's encryption does the same thing; I don't know of a way to do what you want. - Ian From ian@cypherpunks.ca Mon Mar 28 16:32:38 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 11:32:38 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <20050328135634.GD30200@smtp.paip.net> References: <4247CBDB.6090906@brandeis.edu> <20050328135634.GD30200@smtp.paip.net> Message-ID: <20050328163238.GF30200@smtp.paip.net> On Mon, Mar 28, 2005 at 08:56:34AM -0500, Ian Goldberg wrote: > On Mon, Mar 28, 2005 at 04:18:19AM -0500, Jason Cohen wrote: > > Upon reading the Protocol Description paper I found I was incorrect > > about the DH modulus size (It's 1536 bits rather than 1000). However, I > > would still like to use a 2048 bit modulus which is the currently > > recommended size. Is this possible? > > > > I also saw a great deal of discussion on the developer's mailing list > > about allowing the use of RSA signing keys in addition to DSS. Are RSA > > signing keys currently allowed? If so, how would I go about increasing > > the size to 2048 bits? > > In this version of the protocol, the only key exchange method defined is > DSA, and the only key agreement is 1536-bit DH. This may change in a > later version, at the cost of incompatibility with clients that don't > understand it. I'd also like to note a couple of things: - The keysize of the authentication step only has to make it secure until after your buddy receives the message; after he's accepted your initial DH key, you don't care what happens in the future. DSA is plenty fine for this today. - The keysize of the DH only has to be large enough that you're comfortable with the adversary having to break a DH key agreement *per message*, since (approximately) each message you send is encrypted with a new key, derived from a fresh DH key agreement. [And, although it's small comfort, even if, in 20 years, pocket calculators can break 1536-bit DH in real time, you _still_ get the deniability properties; the transcripts are completely forgeable, so they'll need to be convinced your stored transcripts haven't been messed with over the decades.] - Ian From jcohen07@brandeis.edu Mon Mar 28 17:35:34 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 12:35:34 -0500 Subject: [OTR-users] DH modulus size & RSA keys In-Reply-To: <20050328163238.GF30200@smtp.paip.net> References: <4247CBDB.6090906@brandeis.edu> <20050328135634.GD30200@smtp.paip.net> <20050328163238.GF30200@smtp.paip.net> Message-ID: <42484066.1090806@brandeis.edu> - While the DSA key is only used for authentication, it's still the basis of trust for the conversation. While the person may not be able to prove the conversation happened, if he can fake your DSA key, he can initiate secure conversations on your behalf. You can of course verify the secure id but you might not do this if you have no reason to suspect you've been compromised.

- While this is true, I don't see why it's necessary to leave open the possibility. It is estimated that if Moore's Law holds, a 2048 bit RSA keys should be secure until 2030, while 1024 bit keys will only be secure until 2010. As most people are chatting on modern PCs, the computational differences between such key sizes are irrelevant. When I used gaim-encrypt with a 2048 RSA key, I didn't notice any noticeable slowdown.

To me, OTR's main advantage is Perfect Forward Security. Unlike using PGP with email, it's impractical to encrypt the private key, and therefore a compromise of your system can be disastrous. If someone broke into my system and stole id.priv, they could read all my conversations encrypted with gaim-encrypt (and prove I wrote them). Protecting the content of the message is the primary goal. Then- as a consolation, you can deny you wrote the messages- however this might not make up for the fact that your secret is out. Obviously, encrypted messages can't remain secure forever but I think a 5-10 year timespan is reasonable. 2048 bit keys can with reasonable surity guarantee that where a 1536 bit key can not.

With PGP, a relatively security consciious user, and a strong passphrase to encrypt the secret key, a user can be fairly secure. PGP also seems to fit the needs of email more than deniability/PFS. I view email as a more official medium that has a permanance that instant messanges don't. I might want messages I receive to be non-repuditable. If I wanted to have a private "off the record" conversation with someone I would do it in person, or with OTR on gaim. This makes clear that at least one of the participants wants to keep the message private, and even if the other does tell others, they can't prove what they heard is true.

Email is increasingly being used to replace other official forms of communication in business. If this is the case, email should have a guarantee of non-repuditablity and security. Email simply is no longer "off-the-record". Email is used to spread memorandums, and other official documents. It would be confusing and bad business practice to  allow a sender to deny he sent an official document. It would certainly undermine trust between businesses and between employees.

Ian Goldberg wrote: 
On Mon, Mar 28, 2005 at 08:56:34AM -0500, Ian Goldberg wrote:
  
On Mon, Mar 28, 2005 at 04:18:19AM -0500, Jason Cohen wrote:
    
Upon reading the Protocol Description paper I found I was incorrect
about the DH modulus size (It's 1536 bits rather than 1000). However, I
would still like to use a 2048 bit modulus which is the currently
recommended size. Is this possible?

I also saw a great deal of discussion on the developer's mailing list
about allowing the use of RSA signing keys in addition to DSS. Are RSA
signing keys currently allowed? If so, how would I go about increasing
the size to 2048 bits?
      
In this version of the protocol, the only key exchange method defined is
DSA, and the only key agreement is 1536-bit DH.  This may change in a
later version, at the cost of incompatibility with clients that don't
understand it.
    

I'd also like to note a couple of things:

- The keysize of the authentication step only has to make it secure
  until after your buddy receives the message; after he's accepted your
  initial DH key, you don't care what happens in the future.  DSA is
  plenty fine for this today.

- The keysize of the DH only has to be large enough that you're
  comfortable with the adversary having to break a DH key agreement *per
  message*, since (approximately) each message you send is encrypted
  with a new key, derived from a fresh DH key agreement.  [And, although
  it's small comfort, even if, in 20 years, pocket calculators can break
  1536-bit DH in real time, you _still_ get the deniability properties;
  the transcripts are completely forgeable, so they'll need to be
  convinced your stored transcripts haven't been messed with over the
  decades.]

   - Ian
_______________________________________________
OTR-users mailing list
OTR-users@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-users

From jcohen07@brandeis.edu Mon Mar 28 18:59:41 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 13:59:41 -0500 Subject: [OTR-users] Perfect Forward Security Message-ID: <4248541D.6060409@brandeis.edu> Quoting: The keysize of the DH only has to be large enough that you're comfortable with the adversary having to break a DH key agreement *per message*, since (approximately) each message you send is encrypted with a new key, derived from a fresh DH key agreement. If an adversary steals your private key and can break one message, don't they have all the needed information to decrypt the next message? They have the key used to encrypt the next message as well as the private "x" value. I'm probably just confused. I would appreciate it if someone could clarify this for me. Jason From ian@cypherpunks.ca Mon Mar 28 19:20:08 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 14:20:08 -0500 Subject: [OTR-users] Perfect Forward Secrecy In-Reply-To: <4248541D.6060409@brandeis.edu> References: <4248541D.6060409@brandeis.edu> Message-ID: <20050328192008.GH30200@smtp.paip.net> [It's "perfect forward secrecy", not "p.f. security".] On Mon, Mar 28, 2005 at 01:59:41PM -0500, Jason Cohen wrote: > Quoting: > > The keysize of the DH only has to be large enough that you're > comfortable with the adversary having to break a DH key agreement *per > message*, since (approximately) each message you send is encrypted > with a new key, derived from a fresh DH key agreement. > > If an adversary steals your private key and can break one message, > don't they have all the needed information to decrypt the next > message? They have the key used to encrypt the next message as well as > the private "x" value. I'm probably just confused. I would appreciate > it if someone could clarify this for me. No; if you break DH to find the private key associated with the public key used to encrypt message number 1, that doesn't give you the private key associated with the public key used to encrypt message number 2. Each message (approximately) uses a brand-new DH private/public key pair. You have to break DH all over again to get that second private key, and so on. Knowing the DSA private key also has no effect on this result. I'm not sure that was clear enough. Let me know if there's something you still don't understand. - Ian From jcohen07@brandeis.edu Mon Mar 28 19:54:00 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 14:54:00 -0500 Subject: [OTR-users] Perfect Forward Security Message-ID: <424860D8.1090002@brandeis.edu> I actually knew it was "Perfect Forward Security" but mistakenly typed "Secrecy". Anyways, thanks for the clarification. I also read your "Off-the-Record Messaging or, when not to use PGP" power point presentation for the Black Hat Briefings and it was quite helpful. Jason From ian@cypherpunks.ca Mon Mar 28 20:30:13 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 15:30:13 -0500 Subject: [OTR-users] Perfect Forward Security In-Reply-To: <424860D8.1090002@brandeis.edu> References: <424860D8.1090002@brandeis.edu> Message-ID: <20050328203013.GJ30200@smtp.paip.net> On Mon, Mar 28, 2005 at 02:54:00PM -0500, Jason Cohen wrote: > I actually knew it was "Perfect Forward Security" but mistakenly typed > "Secrecy". No, no. It *is* "perfect forward secrecy". You originally mistyped "security", and I corrected the subject line. ;-) > Anyways, thanks for the clarification. I also read your > "Off-the-Record Messaging or, when not to use PGP" power point > presentation for the Black Hat Briefings and it was quite helpful. No problem. - Ian From morty@gmx.net Mon Mar 28 20:06:37 2005 From: morty@gmx.net (=?UTF-8?B?TW9yaXR6ICdNb3J0eScgU3Ryw7xiZQ==?=) Date: Mon, 28 Mar 2005 22:06:37 +0200 Subject: [OTR-users] Perfect Forward Secrecy In-Reply-To: <20050328192008.GH30200@smtp.paip.net> References: <4248541D.6060409@brandeis.edu> <20050328192008.GH30200@smtp.paip.net> Message-ID: <424863CD.6080608@gmx.net> This is a cryptographically signed message in MIME format. --------------ms080000080202000607050800 Content-Type: multipart/mixed; boundary="------------060005030700050107070904" This is a multi-part message in MIME format. --------------060005030700050107070904 Content-Type: multipart/alternative; boundary="------------000002020708020502040307" --------------000002020708020502040307 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Ian Goldberg wrote: >[It's "perfect forward secrecy", not "p.f. security".] > >On Mon, Mar 28, 2005 at 01:59:41PM -0500, Jason Cohen wrote: > =20 > >>Quoting: >> >>The keysize of the DH only has to be large enough that you're >> comfortable with the adversary having to break a DH key agreement *pe= r >> message*, since (approximately) each message you send is encrypted >> with a new key, derived from a fresh DH key agreement. >> >>If an adversary steals your private key and can break one message, >>don't they have all the needed information to decrypt the next >>message? They have the key used to encrypt the next message as well as >>the private "x" value. I'm probably just confused. I would appreciate >>it if someone could clarify this for me. >> =20 >> > >No; if you break DH to find the private key associated with the public >key used to encrypt message number 1, that doesn't give you the private >key associated with the public key used to encrypt message number 2. >Each message (approximately) uses a brand-new DH private/public key >pair. You have to break DH all over again to get that second private >key, and so on. Knowing the DSA private key also has no effect on this >result. > >I'm not sure that was clear enough. Let me know if there's something >you still don't understand. > > - Ian >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > > =20 > Maby I can make it a bit more clear. You have a public and a private=20 key. You encrypt with the public key and decrypt with the private key.=20 If you only have the pub key, you can't decode the message. If you calculate the 1st private key (wich takes lots of time) all you=20 get is the 1st message and the secound public key. Now you have to=20 calculate the secound private Key (wich takes a lots of time again) to=20 decode the secound message and get the third public key, and so on. As you "forget" your private key as soon as you don't need it any more=20 there is no way to get it then to calculate the Private key from the=20 public key, wich as alreade mentioned taks lots of time. Hope this maks things a bit more clear. morty --=20 Diese Email ist signiert. Solltest Du von mir eine nicht signierte Mail=20 bekommen und das Gef=C3=BChl haben, dass sie nicht von mir stammt, ist di= es=20 wahrscheinlich der Fall. Sollte Dein Email-Client keine Signaturen=20 unterst=C3=BCtzen wird eine smime.p7s-Datei im Anhang angeziegt. Get Firefox! - Den besten Browser jetzt in Version 1.0.1, Deutsch=20 runterladen! --------------000002020708020502040307 Content-Type: multipart/related; boundary="------------020904070107060405000109" --------------020904070107060405000109 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Ian Goldberg wrote: 
[It's "perfect forward secrecy", not "p.f. security".]

On Mon, Mar 28, 2005 at 01:59:41PM -0500, Jason Cohen wrote:
  
Quoting:

The keysize of the DH only has to be large enough that you're
  comfortable with the adversary having to break a DH key agreement *per
  message*, since (approximately) each message you send is encrypted
  with a new key, derived from a fresh DH key agreement.

If an adversary steals your private key and can break one message,
don't they have all the needed information to decrypt the next
message? They have the key used to encrypt the next message as well as
the private "x" value. I'm probably just confused. I would appreciate
it if someone could clarify this for me.
    

No; if you break DH to find the private key associated with the public
key used to encrypt message number 1, that doesn't give you the private
key associated with the public key used to encrypt message number 2.
Each message (approximately) uses a brand-new DH private/public key
pair.  You have to break DH all over again to get that second private
key, and so on.  Knowing the DSA private key also has no effect on this
result.

I'm not sure that was clear enough.  Let me know if there's something
you still don't understand.

   - Ian
_______________________________________________
OTR-users mailing list
OTR-users@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/ot=
r-users
Maby I can make it a bit more clear. You have a public and a private key. You encrypt with the public key and decrypt with the private key. If you only have the pub key, you can't decode the message.
If you calculate the 1st private key (wich takes lots of time) all you get is the 1st message and the secound public key. Now you have to calculate the secound private Key (wich takes a lots of time again) to decode the secound message and get the third public key, and so on.
As you "forget" your private key as soon as you don't need it any more there is no way to get it then to calculate the Private key from the public key,=C2=A0 wich as alreade mentioned taks lots of time.
Hope this maks things a bit more clear.
morty

--

Diese Email ist signiert. Solltest Du von mir eine nicht signierte Mail bekommen und das Gef=C3=BChl haben, dass sie nicht von mir stammt, i= st dies wahrscheinlich der Fall. Sollte Dein Email-Client keine Signaturen unterst=C3=BCtzen wird eine smime.p7s-Datei im Anhang angeziegt.

3D"Get - Den besten Browser jetzt in Version 1.0.1, Deutsch runterladen!

--------------020904070107060405000109 Content-Type: image/png; name="firefox_80x15.png" Content-Transfer-Encoding: base64 Content-ID: Content-Disposition: inline; filename="firefox_80x15.png" iVBORw0KGgoAAAANSUhEUgAAAFAAAAAPCAIAAAD8q9/YAAAABGdBTUEAALGOfPtRkwAAACBj SFJNAAB6JQAAgIMAAPn/AACA6AAAdTAAAOpgAAA6lwAAF2+XqZnUAAADsklEQVR4nGJMS0tj GEkAIIAYgB7+Tz1AXdOoDoDOAwggFjxhcfHSk4PnHp9+/vnlz38QEXF2JmkuNkdtEWMDBRER HvpECXUBQABh9/DOPVemrL+w8+MfVikhBlFhASVxRh6u/1++nXv76d+vX7MOP+ZedyVGQaw4 yWzIeRsggJgg1JdPHyCMhw/fhWcs9Ghat/X5+z+M/35++M70/jPQt+x83GxCAiAVn76aSP2z NWNgZF/ft7Ryw9qdA+V08gBAAEFj+OrsbPPipcCI9S9aAuILcP3/+oPhN7ui6N+v37/8fvuJ hYudgYURGL2/f/zee/EH86+/Wr+ZN/psllA7+nrNhleKcdrGlpimMzIyQhjA/IOLjakSwoUz 0MRxGQLhomlHYwMBQABBY9jo+54ZnR0+sZP+vn4HROwfvvGx/FuewNqmfPX7n49/uTn+fPv5 5d1nkIlfvjH++cP37b0H71+eL1JsD4VEjT9oPa89uXsTpm/hpQXcZRA2MgkHyCoxxZG9h2kg 3C64tyEMNN8CAUAAQWP468f/qg9m+KhZquuKyAuxP3z3NVDxseHr71JbJT+ZSwsyMPx4+OL7 1+9Mv34BkzebpsjbJ3zTL3y98vlvjeU3C5nHjPbaSju3MzD4YToXLeAx/YlVJR5xIg2E+BlT CiCAoB5+dPGnjiTbOo8HjDxvf7HysHI+/3Pv/oRH4m/1w1gVZb59/8bEwvSfh/0vL9DvDH/+ /WOQEv50hmnPeb4d+97Vhf6pK9op6u6O1RtYEzAulQRNQFOGx0CIbzH9DBBAUA+L8P9h+P/h 1fUP/3/+ZGRhZmBmEeLlUXhwR1/oxGU13d/MbKwcwJqJ5e/v/////Pr/6zdIj57mL+77/9mU 6q9+fNN3elLsJgbDSVgdijVySALITsdqCJpdcMWYfgYIIKiHGUU5//34yfD9FwMTEyQw33z/ KsX+o/rc7Afv9i/5r3DFLu+/oBDEq0xfP//7ycDAx/lfU4Xh118mIeHJVxmCNjx3MMTiUKxs 4rloDCINxKMMIICgHv7Bxsr2+Ru0BGOGCgpIcQMrolBXcenPfNmPH3wCav4JEv/34xfDmSuM YsL/JcSYvv5k/vQ5lO8Yul8HKwAIIKjfOIBRx8oMREw/f0NlONgllPn+Wbu3PRTvO/L6gyob A9C3V+8yvP/IIMjP8P37/4dPmDm5gQp/f/zF8u+pg/qfgfIDSQAggKAelpz2BpeKKiAqhvOc cagaMj0QgABiHGm9JYAAAwBRnvugw/L2tQAAAABJRU5ErkJggg== --------------020904070107060405000109-- --------------000002020708020502040307-- --------------060005030700050107070904 Content-Type: text/x-vcard; charset=utf-8; name="morty.vcf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="morty.vcf" YmVnaW46dmNhcmQNCmZuO3F1b3RlZC1wcmludGFibGU6TW9yaXR6ICJNb3J0eSIgU3RyPUMz PUJDYmUNCm47cXVvdGVkLXByaW50YWJsZTpTdHI9QzM9QkNiZTtNb3JpdHogIk1vcnR5Ig0K YWRyOjs7U2Nob3JsYWNoc3RyIDI3O0VybGFuZ2VuOzs5MTA1ODtELUdlcm1hbnkNCmVtYWls O2ludGVybmV0Om1vcnR5QGdteC5uZXQNCnRlbDt3b3JrOis0OSAoOTEzMSkgNjEwODQxNw0K dGVsO2hvbWU6KzQ5ICg5MTMxKSA2MzA3MzANCnRlbDtjZWxsOis0OSAoMTc3KSA0NjYxOTk1 DQpub3RlO3F1b3RlZC1wcmludGFibGU6UEdQIC8gR1BHOiBQcm92aWRlZCBFbmlnbWFpbC4g PQ0KCT0wRD0wQT0NCglLZXkgYXQgc2tzLmtleXNlcnZlci5wZW5ndWluLmRlPTBEPTBBPQ0K CT0wRD0wQT0NCglJTTo9MEQ9MEE9DQoJamFiYmVyOi8vbW9ydHlAYW1lc3NhZ2UuaW5mbz0w RD0wQT0NCglqYWJiZXI6Ly9tb3J0eUBqYWJiZXIuY2NjLmRlPTBEPTBBPQ0KCWphYmJlcjov L21vcnR5QGphYmJlci5vcmc9MEQ9MEE9DQoJU0lMQzovL21vcnR5IChrZXkgb24gcmVxdWVz dCkgPQ0KCT0wRD0wQT0NCglpY3E6Ly8xNzQwNjkwOTA9MEQ9MEE9DQoJPTBEPTBBPQ0KCVN1 cHBvcnRlZCAgSU0tZW5jcnlwdGlvbjo9MEQ9MEE9DQoJUlNBIChnYWltLWVuY3J5cHRpb24p PTBEPTBBPQ0KCU9UUiAoaHR0cDovL3d3dy5jeXBoZXJwdW5rcy5jYS9vdHIvKQ0KeC1tb3pp bGxhLWh0bWw6VFJVRQ0KdmVyc2lvbjoyLjENCmVuZDp2Y2FyZA0KDQo= --------------060005030700050107070904-- --------------ms080000080202000607050800 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII2TCC AscwggIwoAMCAQICAw4OyDANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwMjE2MjA1NzU4WhcNMDYwMjE2MjA1NzU4 WjA/MR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMRwwGgYJKoZIhvcNAQkBFg1t b3J0eUBnbXgubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HXVcoM3IDCK h4e/P2Yp06EAaYp2eHp3kWTN5EguvLVUFs4r9r//hRMvgDiXLv0KNi62hlE+1EM7ZZdCtH97 pk8BgpTwxjYf3Xgit6m43krGVhywE/qPTreoZmxu6U8dRTTTugD4RHHNElJjINHcfF7c3ZaU /B8nSU4t5n+fxW2P7yMquUGy1sg6xUr3XKwkD7ig/Uj5p6Gkjy91xDxMFQFmrMGkudRV/wgJ KVi8XgnPv4SOkX2BGAD2yvvO+6ccvIn+S8qQJdASsOlYO0vskw9AW/DtI1oSyWa/zCkxYdqn oK/GOkuNgRcBBHOyDqwV7Om89mLRTvCzUBJO7Dt0DwIDAQABoyowKDAYBgNVHREEETAPgQ1t b3J0eUBnbXgubmV0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAMvQBj0JtALIo HxlmMqip88XItndSc+j924OB8MKlKH75UuyR+xG8iz3IEUgyxn+nLgf3j24iRpB68/ZnAwCP jOTSDW+Wmd3xOvIUgZ5bpGT+X/tvn7TfB6mAcFNJ9HNT3abgkNLczjQjVPNAskk3QybjIbap nn68MIYp3nDVOTswggLHMIICMKADAgECAgMODsgwDQYJKoZIhvcNAQEEBQAwYjELMAkGA1UE BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA1MDIxNjIwNTc1OFoX DTA2MDIxNjIwNTc1OFowPzEfMB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEcMBoG CSqGSIb3DQEJARYNbW9ydHlAZ214Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANx11XKDNyAwioeHvz9mKdOhAGmKdnh6d5FkzeRILry1VBbOK/a//4UTL4A4ly79CjYu toZRPtRDO2WXQrR/e6ZPAYKU8MY2H914IrepuN5KxlYcsBP6j063qGZsbulPHUU007oA+ERx zRJSYyDR3Hxe3N2WlPwfJ0lOLeZ/n8Vtj+8jKrlBstbIOsVK91ysJA+4oP1I+aehpI8vdcQ8 TBUBZqzBpLnUVf8ICSlYvF4Jz7+EjpF9gRgA9sr7zvunHLyJ/kvKkCXQErDpWDtL7JMPQFvw 7SNaEslmv8wpMWHap6CvxjpLjYEXAQRzsg6sFezpvPZi0U7ws1ASTuw7dA8CAwEAAaMqMCgw GAYDVR0RBBEwD4ENbW9ydHlAZ214Lm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUA A4GBADL0AY9CbQCyKB8ZZjKoqfPFyLZ3UnPo/duDgfDCpSh++VLskfsRvIs9yBFIMsZ/py4H 949uIkaQevP2ZwMAj4zk0g1vlpnd8TryFIGeW6Rk/l/7b5+03wepgHBTSfRzU92m4JDS3M40 I1TzQLJJN0Mm4yG2qZ5+vDCGKd5w1Tk7MIIDPzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUF ADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2Fw ZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNh dGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4X DTAzMDcxNzAwMDAwMFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNVBAoT HFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25h bCBGcmVlbWFpbCBJc3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxV c1X7TrnKmVoeaMB1BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J 8CuFWqo/cVbLrzwLB+fxH5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9I BH+nttE8YQRAHmQZcmC3+wIDAQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0f BDwwOjA4oDagNIYyaHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1h aWxDQS5jcmwwCwYDVR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRl TGFiZWwyLTEzODANBgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aU nX9MIbj4Nh+qLZ82L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3d qZw5jowgT2Vfldr394fWxghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/XV9lTzGCAzsw ggM3AgEBMGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQ dHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENB AgMODsgwCQYFKw4DAhoFAKCCAacwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG 9w0BCQUxDxcNMDUwMzI4MjAwNjM3WjAjBgkqhkiG9w0BCQQxFgQU9c/D25wOxzphewcg2lxq HadYWu0wUgYJKoZIhvcNAQkPMUUwQzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYI KoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgweAYJKwYBBAGCNxAEMWswaTBi MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEs MCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAw4OyDB6Bgsq hkiG9w0BCRACCzFroGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0 aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1 aW5nIENBAgMODsgwDQYJKoZIhvcNAQEBBQAEggEACuNb+ZvBXWugt8UPRd5WYUzK2a9mh6pw i51URNPqh2iPb6N3jTpvFGCqGZfBw4rtoH4sjS64JnBLRgrCV2UA4QSdH5SupwDbtiJafwXW VAC5a6LTBpfnIQykEoWHG9+4F4YOPV5kjlxVd4atuHUHiCQTjHyumFpT6Qf7A8gYEaVV6MPm irdfIkBU0ly9iQHLljmKl3J9OZFRxUAnvPms85JVn7clUvJe9qAhuuFU2p3j7xpTteq6+ytw 4WXXXkv7F4/7iaLNU/2+hJ9SsXGFlqputo6rt3be738ZcHzBBTA5Ekt7MGllRZLQBbgG7/DZ A+a4GN4seRJsRwM5dpfOhwAAAAAAAA== --------------ms080000080202000607050800-- From Jed Hassell Mon Mar 28 22:35:17 2005 From: Jed Hassell (Jed Hassell) Date: Mon, 28 Mar 2005 17:35:17 -0500 Subject: [OTR-users] Re: Ignored Messages Message-ID: How does OTR detect whether the other client speaks OTR? This would be of great help. Currently I'm trying to figure out how to use the toc_rvous_propose and toc_rvous_accept methods but there just isn't enough documentation on these methods to prove worthwhile. If you could explain how OTR detects if other clients are capable of understanding OTR messages, I could work this into my own implementation and just forget about the ignored messages. Thanks On Mon, Mar 28, 2005 at 12:52:14AM -0500, Jed Hassell wrote: > I'm a student at the University of Georgia and I'm currently working > on a project for one of my classes which requires me to be able to > send messages through the AOL network which will be ignored by all > clients except for the one that I am implementing. I am assuming that > there is a way to do this sense programs like gaim and trillian send > messages back and forth that are ignored by outside clients > (encryption setup). Does anyone on this mailing that has any idea how > to do this. I am using java 5.0 and am altering the simpleaim program > found on sourceforge. Thanks in advance for the help. OTR doesn't actually do this; rather than sending messages that will be ignored by clients that don't speak OTR, it first detects whether the other client speaks OTR, and if so, only then sends the message. As far as I understand, Trillian's encryption does the same thing; I don't know of a way to do what you want. - Ian From dcarrera@math.umd.edu Mon Mar 28 22:40:19 2005 From: dcarrera@math.umd.edu (Daniel Carrera) Date: Mon, 28 Mar 2005 17:40:19 -0500 Subject: [OTR-users] Perfect Forward Security In-Reply-To: <424860D8.1090002@brandeis.edu> References: <424860D8.1090002@brandeis.edu> Message-ID: <20050328224018.GC2798@math.umd.edu> I strongly recommend you read the paper also. It's short, very readable, and much more informative than the slides. After reading it, I just loved OTR. The system is really a clever use of well established algorithms to do something new. Cheers, Daniel. On Mon, Mar 28, 2005 at 02:54:00PM -0500, Jason Cohen wrote: > I actually knew it was "Perfect Forward Security" but mistakenly typed > "Secrecy". Anyways, thanks for the clarification. I also read your > "Off-the-Record Messaging or, when not to use PGP" power point > presentation for the Black Hat Briefings and it was quite helpful. > > Jason > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Daniel Carrera | I don't want it perfect, Join OOoAuthors today! | I want it Tuesday. http://oooauthors.org | From ian@cypherpunks.ca Mon Mar 28 22:55:24 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 17:55:24 -0500 Subject: [OTR-users] Re: Ignored Messages In-Reply-To: References: Message-ID: <20050328225524.GK30200@smtp.paip.net> On Mon, Mar 28, 2005 at 05:35:17PM -0500, Jed Hassell wrote: > How does OTR detect whether the other client speaks OTR? This would > be of great help. Currently I'm trying to figure out how to use the > toc_rvous_propose and toc_rvous_accept methods but there just isn't > enough documentation on these methods to prove worthwhile. If you > could explain how OTR detects if other clients are capable of > understanding OTR messages, I could work this into my own > implementation and just forget about the ignored messages. [I don't know what toc_rvous_propose and toc_rvous_accept are.] There are two ways OTR uses: 1. If an OTR-enabled client sees any OTR protocol message coming from a buddy, it assumes the buddy can speak OTR. 2. If an OTR-enabled client sees a special whitespace pattern in a message coming from a buddy, it assumes the buddy can speak OTR. If your client is in the so-called "opportunistic" mode, it will append the whitespace pattern to the first message it sends to any buddy. If they're OTR-enabled, they'll recognize it and start an OTR session. Trillian uses a different method for its SecureIM protocol: 3. The AIM/ICQ network allows clients to publish lists of "capabilities". SecureIM is one of those capabilities; any client can tell if yours supports SecureIM. - Ian From jcohen07@brandeis.edu Mon Mar 28 23:47:59 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 18:47:59 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy Message-ID: <424897AF.7080806@brandeis.edu> I actually have read the paper, and OTR does indeed seem very clever. I suppose my problem is that I don't fully understand how Diffie Hellman Agreement can do what it does. I can understand RSA/DSA which creates a public/private keypair on one machine and then distributes the public key (I understand how PGP works), but the concept of realtime key generation over an insecure network is baffling. I suppose it would be nice if I could better understand the math involved. Could someone explain how Diffie Hellman works to a social-science undergraduate? It would be greatly appreciated. Jason From ian@cypherpunks.ca Tue Mar 29 00:18:18 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 19:18:18 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <424897AF.7080806@brandeis.edu> References: <424897AF.7080806@brandeis.edu> Message-ID: <20050329001818.GL30200@smtp.paip.net> On Mon, Mar 28, 2005 at 06:47:59PM -0500, Jason Cohen wrote: > I actually have read the paper, and OTR does indeed seem very clever. I > suppose my problem is that I don't fully understand how Diffie Hellman > Agreement can do what it does. I can understand RSA/DSA which creates a > public/private keypair on one machine and then distributes the public > key (I understand how PGP works), but the concept of realtime key > generation over an insecure network is baffling. I suppose it would be > nice if I could better understand the math involved. Could someone > explain how Diffie Hellman works to a social-science undergraduate? It > would be greatly appreciated. [Since you indicate you know how PGP works, I'll also include the math bits, in brackets.] DH works in almost the same way, except *both* Alice and Bob need a public/private keypair. Alice sends her public key to Bob, and Bob sends his to Alice. [Math bits: Alice's private key is "a", and her public key is "A" = "g^a mod p", where g and p are specified in advance (in the OTR spec in this case, which uses the standard ones from IPSec). Similarly, Bob's private key is "b", and his public key is "B" = "g^b mod p".] Alice then knows Bob's public key "B", as well as her own private key "a". Bob knows Alice's public key "A", as well as his own private key "b". Eve the easvesdropper only knows Alice and Bob's public keys, "A" and "B". Now comes the magic of Diffie-Hellman: it turns out Alice can combine her own private key with Bob's public key in such a way, so as when Bob combines his own private key with Alice's public key, they get *the same answer*. Moreover, Eve, who knows both public keys, but neither private key, has no (known) way of calculating this answer. [Math bits: Alice calculates "B^a mod p", and Bob calulates "A^b mod p". Note that: B^a mod p = (g^b mod p)^a mod p = g^(ba) mod p = g^(ab) mod p = (g^a mod p)^b mod p = A^b mod p ] This common value is called the Diffie-Hellman shared secret, and is used in various ways to encrypt the message. Since Alice and Bob both know it, and Eve doesn't, this is secure. In OTR, Alice and Bob change their keys *often* (as often as every message), so each message ends up being encrypted with a brand-new DH shared secret. Does that help? - Ian From jcohen07@brandeis.edu Tue Mar 29 00:22:46 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:22:46 -0500 Subject: [OTR-users] RSA key support + Larger DH keys Message-ID: <42489FD6.2070609@brandeis.edu> Quoting Ian Goldberg >In this version of the protocol, the only key exchange method defined is > DSA, and the only key agreement is 1536-bit DH. This may change in a > later version, at the cost of incompatibility with clients that don't > understand it. Are there plans to change the protocol to support RSA keys or larger DH keys, or is this just a hypothetical at this point? Jason From ian@cypherpunks.ca Tue Mar 29 00:32:02 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Mon, 28 Mar 2005 19:32:02 -0500 Subject: [OTR-users] RSA key support + Larger DH keys In-Reply-To: <42489FD6.2070609@brandeis.edu> References: <42489FD6.2070609@brandeis.edu> Message-ID: <20050329003202.GN30200@smtp.paip.net> On Mon, Mar 28, 2005 at 07:22:46PM -0500, Jason Cohen wrote: > Quoting Ian Goldberg > > >In this version of the protocol, the only key exchange method defined is > > DSA, and the only key agreement is 1536-bit DH. This may change in a > > later version, at the cost of incompatibility with clients that don't > > understand it. > > Are there plans to change the protocol to support RSA keys or larger > DH keys, or is this just a hypothetical at this point? I don't think there's any point to using RSA encryption where DH is used now, but different DH groups may be possible. But yes, it's hypothetical at this time. There *is* a plausible reason to use RSA signatures instead of DSA in the initial key exchange, but that's also hypothetical. - Ian From adam_zimmerman@ezrs.com Tue Mar 29 00:31:10 2005 From: adam_zimmerman@ezrs.com (Adam Zimmerman) Date: Mon, 28 Mar 2005 16:31:10 -0800 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <424897AF.7080806@brandeis.edu> References: <424897AF.7080806@brandeis.edu> Message-ID: <1112056270.30491.9.camel@localhost> OK, let me try. I'm only a first year comp-sci major, so this could be horribly wrong. I don't quite understand math describing *why* it works. However, the math that allows 2 people to come up with the same key is quite simple. Alice chooses a random number a. Bob chooses b. g and p are prechosen, and can be public. Alice computes g^a mod p, and Bob does g^b mod p. These are their public values. Alice takes Bob's public key, and combines it with her own, by computing: (g^b)^a mod p (remember a is Alice's private key). Bob does likewise, (g^a)^b mod p. Since (x^y)^z = x^yz, Alice and Bob have both computed g^ab (mod p, which doesn't change anything), which is their shared key. Like I said, I'm not sure *why* this is secure, but there's the math for you. Hope that helped. On Mon, 2005-03-28 at 18:47 -0500, Jason Cohen wrote: > I actually have read the paper, and OTR does indeed seem very clever. I > suppose my problem is that I don't fully understand how Diffie Hellman > Agreement can do what it does. I can understand RSA/DSA which creates a > public/private keypair on one machine and then distributes the public > key (I understand how PGP works), but the concept of realtime key > generation over an insecure network is baffling. I suppose it would be > nice if I could better understand the math involved. Could someone > explain how Diffie Hellman works to a social-science undergraduate? It > would be greatly appreciated. > > Jason > _______________________________________________ > OTR-users mailing list > OTR-users@lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users -- Adam Zimmerman CREATIVITY - http://tinyurl.com/3oxgw ALWAYS - http://randomfoo.net/oscon/2002/lessig/ BUILDS - http://www.theopencd.org/ ON THE PAST - http://free-culture.org/freecontent/ -- Programmers do it bit by bit. From jcohen07@brandeis.edu Tue Mar 29 00:41:38 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:41:38 -0500 Subject: [OTR-users] Re: Perfect Forward Secrecy In-Reply-To: <20050329001818.GL30200@smtp.paip.net> References: <424897AF.7080806@brandeis.edu> <20050329001818.GL30200@smtp.paip.net> Message-ID: <4248A442.90700@brandeis.edu> Thanks! It's now much clearer. I was initially confused about how Alice and Bob learn "g" and "p" since this isn't sent over the network and I also was confused about how the shared secret was created. Your explanation as well as the "math bits" was very helpful. (Now I'm trying to figure out why it seemed so complicated before). Thanks again.

Ian Goldberg wrote: 
On Mon, Mar 28, 2005 at 06:47:59PM -0500, Jason Cohen wrote:
  
I actually have read the paper, and OTR does indeed seem very clever. I
suppose my problem is that I don't fully understand how Diffie Hellman
Agreement can do what it does. I can understand RSA/DSA which creates a
public/private keypair on one machine and then distributes the public
key (I understand how PGP works), but the concept of realtime key
generation over an insecure network is baffling. I suppose it would be
nice if I could better understand the math involved. Could someone
explain how Diffie Hellman works to a social-science undergraduate? It
would be greatly appreciated.
    

[Since you indicate you know how PGP works, I'll also include the math
bits, in brackets.]

DH works in almost the same way, except *both* Alice and Bob need a
public/private keypair.  Alice sends her public key to Bob, and Bob
sends his to Alice. [Math bits: Alice's private key is "a", and her
public key is "A" = "g^a mod p", where g and p are specified in advance
(in the OTR spec in this case, which uses the standard ones from IPSec).
Similarly, Bob's private key is "b", and his public key is "B" =
"g^b mod p".]

Alice then knows Bob's public key "B", as well as her own private key "a".
Bob knows Alice's public key "A", as well as his own private key "b".
Eve the easvesdropper only knows Alice and Bob's public keys, "A" and "B".

Now comes the magic of Diffie-Hellman: it turns out Alice can combine
her own private key with Bob's public key in such a way, so as when Bob
combines his own private key with Alice's public key, they get *the same
answer*.  Moreover, Eve, who knows both public keys, but neither private
key, has no (known) way of calculating this answer.

[Math bits: Alice calculates "B^a mod p", and Bob calulates "A^b mod p".
Note that:

   B^a mod p = (g^b mod p)^a mod p
             = g^(ba) mod p
	     = g^(ab) mod p
	     = (g^a mod p)^b mod p
	     = A^b mod p
]

This common value is called the Diffie-Hellman shared secret, and is
used in various ways to encrypt the message.  Since Alice and Bob both
know it, and Eve doesn't, this is secure.

In OTR, Alice and Bob change their keys *often* (as often as every
message), so each message ends up being encrypted with a brand-new DH
shared secret.

Does that help?

   - Ian
_______________________________________________
OTR-users mailing list
OTR-users@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-users

From jcohen07@brandeis.edu Tue Mar 29 00:46:08 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 19:46:08 -0500 Subject: [OTR-users] RSA key support + Larger DH keys In-Reply-To: <20050329003202.GN30200@smtp.paip.net> References: <42489FD6.2070609@brandeis.edu> <20050329003202.GN30200@smtp.paip.net> Message-ID: <4248A550.3050304@brandeis.edu> Sorry, I should have been clearer. I was asking if there were plans to allow RSA signature keys as well as larger DH keys. I was not asking if RSA keys would be allowed for encryption.

Jason

Ian Goldberg wrote: 
On Mon, Mar 28, 2005 at 07:22:46PM -0500, Jason Cohen wrote:
  
Quoting Ian Goldberg

    
In this version of the protocol, the only key exchange method defined is
DSA, and the only key agreement is 1536-bit DH.  This may change in a
later version, at the cost of incompatibility with clients that don't
understand it.
      
Are there plans to change the protocol to support RSA keys or larger
DH keys, or is this just a hypothetical at this point?
    

I don't think there's any point to using RSA encryption where DH is used
now, but different DH groups may be possible.  But yes, it's
hypothetical at this time.

There *is* a plausible reason to use RSA signatures instead of DSA in
the initial key exchange, but that's also hypothetical.

   - Ian
_______________________________________________
OTR-users mailing list
OTR-users@lists.cypherpunks.ca
http://lists.cypherpunks.ca/mailman/listinfo/otr-users

From jcohen07@brandeis.edu Tue Mar 29 02:30:38 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 21:30:38 -0500 Subject: [OTR-users] gaim-otr plugin Message-ID: <4248BDCE.4050702@brandeis.edu> I also use Mandrake 10.1 so I should be able to help. After compiling and installing libotr you'll need to do the same for gaim-otr. Make sure you have gaim-devel, and compile gaim-otr. When that's done you'll need to make install as root. At least on my system, the plugin file is installed to /usr/lib/gaim/gaim-otr.so - NOT /home/user/.gaim/plugins. You can also recompile the source rpm which is what I did. Your system must be setup to rebuild rpms. As a user do this: rpm --rebuild libotr...src.rpm rpm --rebuild gaim-otr...src.rpm The rpm will be installed to /home/user/rpm/RPMS/i586/ If you want I can email you the 10.1 recompiled for gaim-otr. It's only 78 kb or so. Quoting: Ryan R. Matt Hello, I am using Mandrake 10.1 so I downloaded the source files and compiled them. I installed libotr.2.0.1 without any problems. I followed the readme's advice and downloaded and installed pkg-config 0.15 with any problems. Then I downloaded and compiled gaim-otr. So far no problem. It installs in the proper directories (/usr/lib/gaim) and I copy it to ~/.gaim and ~/.gaim/plugins as per the README file. I then opened up gaim and opened up the preferences menu and selected the plugins menu. while searching the menu i cannot find the Gaim-OTR plugin listed. I don't know what other information to provide because i'm not really sure what the problem is, i.e., I even rebooted the system and logged in and still no luck with getting gaim to register the plugin. I have gaim-encryption right now, but my friend said that OTR was better. I have gaim-devel installed as well. My gaim verision is 1.2.0. Any advice would be greately appreciated. Thank you for your courtesies. Sincerely, Ryan From jcohen07@brandeis.edu Tue Mar 29 04:27:35 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Mon, 28 Mar 2005 23:27:35 -0500 Subject: [OTR-users] DH moduli & AES keysize Message-ID: <4248D937.4020505@brandeis.edu> Wouldn't it be quite simple to use new DH moduli? ssh-keygen actually provides a utility to create & test moduli. I created 4096 bit DH moduli (and tested all 280,000 of them in 19 hours) and replaced /etc/ssh/moduli with the new larger values. Provided OTR read moduli from a file, it should be quite simple for users to generate moduli of any size. I would think it would also be equally simple to increase the AES keysize used to 192 or 256. Jason Quoting: I don't think there's any point to using RSA encryption where DH is used now, but different DH groups may be possible. But yes, it's hypothetical at this time. There *is* a plausible reason to use RSA signatures instead of DSA in the initial key exchange, but that's also hypothetical. - Ian From ian@cypherpunks.ca Tue Mar 29 12:34:38 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Tue, 29 Mar 2005 07:34:38 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <4248D937.4020505@brandeis.edu> References: <4248D937.4020505@brandeis.edu> Message-ID: <20050329123438.GO30200@smtp.paip.net> On Mon, Mar 28, 2005 at 11:27:35PM -0500, Jason Cohen wrote: > Wouldn't it be quite simple to use new DH moduli? ssh-keygen actually > provides a utility to create & test moduli. I created 4096 bit DH > moduli (and tested all 280,000 of them in 19 hours) and replaced > /etc/ssh/moduli with the new larger values. Provided OTR read moduli > from a file, it should be quite simple for users to generate moduli of > any size. I would think it would also be equally simple to increase > the AES keysize used to 192 or 256. The hard part is of course not in using a different value of p. 1536 bits was chosen so as to reduce message latency and size overhead, while providing sufficient security. Remember that you and your buddy have to use the same value of p, so if there's more than one available, you need an extra step to negotiate it, and this also opens you up to "rollback" attacks. If we're going to allow larger DH moduli, we'll almost certainly just specify the ones in RFC 3526, rather than making users generate their own, anyway. - Ian From jcohen07@brandeis.edu Tue Mar 29 21:09:56 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Tue, 29 Mar 2005 16:09:56 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <20050329123438.GO30200@smtp.paip.net> References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> Message-ID: <4249C424.8070809@brandeis.edu> The WPES 2004 paper states that under the current protocol a person can send and receive up to 18 messages per second (36 messages total) on a 450 mhz Pentium IIII. Thus, it would seem that even on a slow machine 2048 bit DH moduli wouldn't add a great deal of latency. 450 mhz machines are also on the low end of what is generally used for desktops. Most PCs are 2-3 years old and 450 mhz processors are at least 4-5 if I remember correctly. Does anyone happen to have performance tests for 2048 or 3072 bit DH moduli. Could I test this myself? Jason >The hard part is of course not in using a different value of p. 1536 >bits was chosen so as to reduce message latency and size overhead, while >providing sufficient security. Remember that you and your buddy have to >use the same value of p, so if there's more than one available, you need >an extra step to negotiate it, and this also opens you up to "rollback" >attacks. > >If we're going to allow larger DH moduli, we'll almost certainly just >specify the ones in RFC 3526, rather than making users generate their >own, anyway. > > - Ian >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > From joel-pub@mawhorter.org Tue Mar 29 22:16:30 2005 From: joel-pub@mawhorter.org (Joel Mawhorter) Date: Tue, 29 Mar 2005 14:16:30 -0800 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <4249C424.8070809@brandeis.edu> References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> <4249C424.8070809@brandeis.edu> Message-ID: <20050329141630.4952e012@localhost> On Tue, 29 Mar 2005 16:09:56 -0500 Jason Cohen wrote: > The WPES 2004 paper states that under the current protocol a person can > send and receive up to 18 messages per second (36 messages total) on a > 450 mhz Pentium IIII. Thus, it would seem that even on a slow machine > 2048 bit DH moduli wouldn't add a great deal of latency. 450 mhz > machines are also on the low end of what is generally used for desktops. > Most PCs are 2-3 years old and 450 mhz processors are at least 4-5 if I > remember correctly. Don't forget that many of the people who are in situations where the need for OTR is most important do not have access to the latest (or maybe even 4-5 year old) hardware. I'm sure people with fast desktop machines make up the majority of current OTR users but how many of them use OTR because they fear torture and death from oppressive governments? As well, if OTR will ever be used for instant messaging on portable devices, making OTR require a lot more computational power is probably not a good idea. Joel > Does anyone happen to have performance tests for 2048 or 3072 bit DH > moduli. Could I test this myself? > > Jason > From jcohen07@brandeis.edu Tue Mar 29 22:37:00 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Tue, 29 Mar 2005 17:37:00 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <20050329141630.4952e012@localhost> References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> <4249C424.8070809@brandeis.edu> <20050329141630.4952e012@localhost> Message-ID: <4249D88C.909@brandeis.edu> People who live in nations with oppressive dictatorships will not protect themselves by using encryption. The very fact that they are encrypting data I'm sure would be considered a crime. They also would likely not have access to their own personal machines which would allow them to install & setup OTR. We have some semblence of privacy because the United States as well as Westsern Europe generally does not make it a crime encrypt data. Secondly, no one would be forced to use larger DH moduli. The default could remain at 1536, with the option for the user of increasing the size. As I said, the speed difference between 1536 and 2048 is probably quite minimal on most systems (even a 450 mhz system) and a PDA wouldn't be rekeying every message anyways. The WPES paper recommends rekeying every minute. OTR could read from a default list of moduli with sizes say between 1536 and 4096 bits (so the moduli don't have to be sent over the network). The OTR user initiating the private conversation would just specify the key size he desires, and perhaps a minimum keysize he'll accept to prevent rollback attacks. If a user specifies a moduli size larger than 2048 a warning message could inform him that his might cause slowdowns as gnupg already does. If the user doesn't mind or thinks the slowdown will be minimal, and his buddy's have fairly fast computers he can choose a larger bit size. If he doesn't have a preference or thinks 1536 bits is sufficient, he can keep the default size which I imagine most people will do. Jason Joel Mawhorter wrote: >y On Tue, 29 Mar 2005 16:09:56 -0500 >Jason Cohen wrote: > > > >>The WPES 2004 paper states that under the current protocol a person can >>send and receive up to 18 messages per second (36 messages total) on a >>450 mhz Pentium IIII. Thus, it would seem that even on a slow machine >>2048 bit DH moduli wouldn't add a great deal of latency. 450 mhz >>machines are also on the low end of what is generally used for desktops. >>Most PCs are 2-3 years old and 450 mhz processors are at least 4-5 if I >>remember correctly. >> >> > >Don't forget that many of the people who are in situations where the need for OTR is most important do not have access to the latest (or maybe even 4-5 year old) hardware. I'm sure people with fast desktop machines make up the majority of current OTR users but how many of them use OTR because they fear torture and death from oppressive governments? > >As well, if OTR will ever be used for instant messaging on portable devices, making OTR require a lot more computational power is probably not a good idea. > >Joel > > > >>Does anyone happen to have performance tests for 2048 or 3072 bit DH >>moduli. Could I test this myself? >> >>Jason >> >> >> >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > From ian@cypherpunks.ca Tue Mar 29 23:29:22 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Tue, 29 Mar 2005 18:29:22 -0500 Subject: [OTR-users] DH moduli & AES keysize In-Reply-To: <20050329123438.GO30200@smtp.paip.net> References: <4248D937.4020505@brandeis.edu> <20050329123438.GO30200@smtp.paip.net> Message-ID: <20050329232922.GS30200@smtp.paip.net> On Tue, Mar 29, 2005 at 07:34:38AM -0500, Ian Goldberg wrote: > The hard part is of course not in using a different value of p. 1536 > bits was chosen so as to reduce message latency and size overhead, while ^^^^^^^^^^^^^^^^^ > providing sufficient security. You're focusing on the latency, and forgetting about the size. Using a 4096-bit key instead of 1536-bit will remove 320 bytes from the available message size, which is already pretty small for some IM protocols (around 500 bytes or so for ICQ, I think). You could add fragmentation to the OTR protocol, at the cost of even more overhead. You really think 1536-bit discrete logs will be calculable any time soon? I'll just say again that this change isn't on my personal priority list. But hey, it's open-source, right? ;-) - Ian From jcohen07@brandeis.edu Tue Mar 29 23:37:38 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Tue, 29 Mar 2005 18:37:38 -0500 Subject: [OTR-users] DH moduli & AES keysize Message-ID: <4249E6C2.2050309@brandeis.edu> On Tue, Mar 29, 2005 at 07:34:38AM -0500, Ian Goldberg wrote: >> The hard part is of course not in using a different value of p. 1536 >> bits was chosen so as to reduce message latency and size overhead, while > > ^^^^^^^^^^^^^^^^^ >> providing sufficient security. > > You're focusing on the latency, and forgetting about the size. Using a 4096-bit key instead of 1536-bit will remove 320 bytes from the available message size, which is already pretty small for some IM protocols (around 500 bytes or so for ICQ, I think). You could add fragmentation to the OTR protocol, at the cost of even more overhead. You really think 1536-bit discrete logs will be calculable any time soon? I'll just say again that this change isn't on my personal priority list. But hey, it's open-source, right? ;-) - Ian I didn't realize the size limitations were that restrictive. Any idea what the AIM size limit is? I figured you had at least a 1000 bytes to use. Oh, and I don't think 1536 discrete logs will be broken in the near future, but if 2048 bit keys provide reasonable security until 2030 with minimal performance and size impact (64 bytes), why not? From paul@cypherpunks.ca Wed Mar 30 21:07:17 2005 From: paul@cypherpunks.ca (Paul Wouters) Date: Wed, 30 Mar 2005 23:07:17 +0200 (CEST) Subject: [OTR-users] gaim-otr plugin In-Reply-To: <4248BDCE.4050702@brandeis.edu> Message-ID: On Mon, 28 Mar 2005, Jason Cohen wrote: > I also use Mandrake 10.1 so I should be able to help. After compiling > You can also recompile the source rpm which is what I did. Your system > must be setup to rebuild rpms. Can you tell me if there ia yne wrong path or option used in building the rpm from the pacakges SPEC file or 'fedora' source rpm? And if there is, can you provide a fixed version for me to compare, and a proper way of detecting a Mandrake system? Paul From jcohen07@brandeis.edu Wed Mar 30 23:46:12 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Wed, 30 Mar 2005 18:46:12 -0500 Subject: [OTR-users] gaim-otr plugin In-Reply-To: References: Message-ID: <424B3A44.7030606@brandeis.edu> Paul Wouters wrote: >On Mon, 28 Mar 2005, Jason Cohen wrote: > > > >>I also use Mandrake 10.1 so I should be able to help. After compiling >> >> > > > >>You can also recompile the source rpm which is what I did. Your system >>must be setup to rebuild rpms. >> >> > >Can you tell me if there ia yne wrong path or option used in building >the rpm from the pacakges SPEC file or 'fedora' source rpm? And if there >is, can you provide a fixed version for me to compare, and a proper way >of detecting a Mandrake system? > >Paul > >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > I followed the instructions on this site to setup Mandrake to rebuild rpms: http://qa.mandrakesoft.com/twiki/bin/view/Main/RpmHowTo In your home directory you'll need to create the necessary directory structure: mkdir -p ~/rpm/{BUILD,RPMS/i586,RPMS/noarch,SOURCES,SRPMS,SPECS,tmp} Then create these two files in your home directory: .rpmrc buildarchtranslate: i386: i586 buildarchtranslate: i486: i586 buildarchtranslate: i586: i586 buildarchtranslate: i686: i586 .rpmmacros %_topdir YOUR_HOME_DIR/rpm %_tmppath YOUR_HOME_DIR/rpm/tmp %_signature gpg %_gpg_name Mandrakelinux %_gpg_path ~/.gnupg %distribution Mandrakelinux %vendor Mandrakesoft Now you're ready to do rpm --rebuild. Jason From jcohen07@brandeis.edu Wed Mar 30 23:50:59 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Wed, 30 Mar 2005 18:50:59 -0500 Subject: [OTR-users] gaim-otr plugin In-Reply-To: References: Message-ID: <424B3B63.5010603@brandeis.edu> Paul Wouters wrote: >On Mon, 28 Mar 2005, Jason Cohen wrote: > > > >>I also use Mandrake 10.1 so I should be able to help. After compiling >> >> > > > >>You can also recompile the source rpm which is what I did. Your system >>must be setup to rebuild rpms. >> >> > >Can you tell me if there ia yne wrong path or option used in building >the rpm from the pacakges SPEC file or 'fedora' source rpm? And if there >is, can you provide a fixed version for me to compare, and a proper way >of detecting a Mandrake system? > >Paul > >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > I'm not sure if I made this clear before. You DO NOT need new spec files. Once your system is setup to rebuild rpms, you can rebuild any srpm. It doesn't matter what system the source rpm was built under. From jcohen07@brandeis.edu Thu Mar 31 02:30:45 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Wed, 30 Mar 2005 21:30:45 -0500 Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog? Message-ID: <424B60D5.2010303@brandeis.edu> Can this dailog be disabled? One would only get this message if they selected the option to require Private messaging. The message seems to only tell you what you should already know- no messages will be sent over the network unencrypted. The encrypted session must be initiated before the message can be sent. It would of course make sense to warn the user if a private session couldn't be initiated, but what's the point if one is setup successfully? If all messages are being encrypted, why warn the user? Jason From jcohen07@brandeis.edu Thu Mar 31 02:54:55 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Wed, 30 Mar 2005 21:54:55 -0500 Subject: [OTR-users] Rate Limit Error message appears for no apparent reason Message-ID: <424B667F.4080702@brandeis.edu> While using OTR I received rate limit errors for no apparent reason. I don't even think I was having an active conversation at the time, though I did have one or two private sessions going. This happened to me on two or three occasions but I ignored it as an AIM screwup. However, upon reading the dev list, it seems behavior might be the fault of OTR. It's not reproduceable, so would I find the cause of the problem? Jason From gdt@ir.bbn.com Thu Mar 31 14:57:42 2005 From: gdt@ir.bbn.com (Greg Troxel) Date: 31 Mar 2005 09:57:42 -0500 Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog? In-Reply-To: <424B60D5.2010303@brandeis.edu> References: <424B60D5.2010303@brandeis.edu> Message-ID: Do you mean to suggest that on trying to send a message when there isn't a key setup to try to set up key if ok, send message encrypted if fail, tell user message was not sent instead of point out policy try tot set up key if ok, send message encrytped -- Greg Troxel From ian@cypherpunks.ca Thu Mar 31 16:12:12 2005 From: ian@cypherpunks.ca (Ian Goldberg) Date: Thu, 31 Mar 2005 11:12:12 -0500 Subject: [OTR-users] Rate Limit Error message appears for no apparent reason In-Reply-To: <424B667F.4080702@brandeis.edu> References: <424B667F.4080702@brandeis.edu> Message-ID: <20050331161212.GF30200@smtp.paip.net> On Wed, Mar 30, 2005 at 09:54:55PM -0500, Jason Cohen wrote: > While using OTR I received rate limit errors for no apparent reason. I > don't even think I was having an active conversation at the time, though > I did have one or two private sessions going. This happened to me on > two or three occasions but I ignored it as an AIM screwup. However, upon > reading the dev list, it seems behavior might be the fault of OTR. It's > not reproduceable, so would I find the cause of the problem? There was indeed a problem with OTR that sometimes caused this behaviour, but it was fixed in 2.0.1. So assuming you're running the latest version, you shouldn't be running into the particular problem discussed on the dev list. - Ian From jcohen07@brandeis.edu Thu Mar 31 21:30:12 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Thu, 31 Mar 2005 16:30:12 -0500 Subject: [OTR-users] Is there any way to prevent the "You attempted to send an unencrypted message" dialog? Message-ID: <424C6BE4.90403@brandeis.edu> Do you mean to suggest that on trying to send a message when there isn't a key setup to try to set up key if ok, send message encrypted if fail, tell user message was not sent instead of point out policy try tot set up key if ok, send message encrytped Yes, that's precisely what I mean to say. The user changed the default setting to require encrypted messaging. There's no reason to point out the policy every time he attempts to send a message, and there's nothing insecure about waiting until the session is setup to then send the message encrypted. So, if ALWAYS is set do this: (user sends message) Setup Key Exchange If ok, send message encrypted If fail, tell user that the message was not sent + recipient does not have OTR installed and can't setup private communications. From jcohen07@brandeis.edu Thu Mar 31 21:33:32 2005 From: jcohen07@brandeis.edu (Jason Cohen) Date: Thu, 31 Mar 2005 16:33:32 -0500 Subject: [OTR-users] Rate Limit Error message appears for no apparent reason In-Reply-To: <20050331161212.GF30200@smtp.paip.net> References: <424B667F.4080702@brandeis.edu> <20050331161212.GF30200@smtp.paip.net> Message-ID: <424C6CAC.5090103@brandeis.edu> Ian Goldberg wrote: >On Wed, Mar 30, 2005 at 09:54:55PM -0500, Jason Cohen wrote: > > >>While using OTR I received rate limit errors for no apparent reason. I >>don't even think I was having an active conversation at the time, though >>I did have one or two private sessions going. This happened to me on >>two or three occasions but I ignored it as an AIM screwup. However, upon >>reading the dev list, it seems behavior might be the fault of OTR. It's >>not reproduceable, so would I find the cause of the problem? >> >> > >There was indeed a problem with OTR that sometimes caused this >behaviour, but it was fixed in 2.0.1. So assuming you're running the >latest version, you shouldn't be running into the particular problem >discussed on the dev list. > > - Ian >_______________________________________________ >OTR-users mailing list >OTR-users@lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > I have gaim-otr-2.0.1 as well as libotr-2.0.1 installed on my laptop, and the recipient (who also informed me that she was getting the same errors) installed gaim-otr-2.0.1.exe off the OTR site. I recompiled the Fedora Core Source RPM for Mandrake 10.1 and have had no other issues.