From jcohen07 at brandeis.edu Tue May 3 18:59:05 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Tue, 03 May 2005 18:59:05 -0400 Subject: [OTR-users] Re: [OTR-announce] New OTR software, and other news In-Reply-To: <20050503215815.GT1071@smtp.paip.net> References: <20050503215815.GT1071@smtp.paip.net> Message-ID: <42780239.7080003@brandeis.edu> gaim-otr-2.0.2 fixed conflicts between gaim-encrypt and OTR when both plugins are enabled. Thanks! Jason Ian Goldberg wrote: > - gaim-otr-2.0.2 and libotr-2.0.2 released. Changes from 2.0.1: >* - Fix to co-exist more nicely with other encrypting gaim plugins.* > - gaim-otr is now autoconfiscated, thanks to Greg Troxel. > > - Ian >_______________________________________________ >OTR-announce mailing list >OTR-announce at lists.cypherpunks.ca >http://lists.cypherpunks.ca/mailman/listinfo/otr-announce > > From laura.traversa at gmail.com Wed May 4 15:22:00 2005 From: laura.traversa at gmail.com (Laura Traversa) Date: Wed, 4 May 2005 21:22:00 +0200 Subject: [OTR-users] (no subject) Message-ID: From ian at cypherpunks.ca Thu May 5 19:12:58 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Thu, 5 May 2005 19:12:58 -0400 Subject: [OTR-users] Trillian + otrproxy screenshots? Message-ID: <20050505231258.GC1071@smtp.paip.net> Can any of you Trillian + otrproxy users send some instructions (and maybe screenshots?) on how to install / configure it? The trickiest bit seems to be how to configure the per-protocol proxy settings in Trillian. Thanks, - Ian From ian at cypherpunks.ca Wed May 11 14:18:34 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Wed, 11 May 2005 14:18:34 -0400 Subject: [OTR-users] What distros ship with OTR software? Message-ID: <20050511181834.GX1071@smtp.paip.net> I'm making a list of distros that ship with OTR software. So far, I've got Gentoo, Debian sarge, Debian unstable, Ubuntu Breezy, FreeBSD, and NetBSD. Does anyone have pointers to ones I've missed? Also, is anyone aware of an IM client other than Adium X which supports OTR natively? Thanks, - Ian From rguerra at lists.privaterra.org Wed May 11 17:17:25 2005 From: rguerra at lists.privaterra.org (Robert Guerra) Date: Wed, 11 May 2005 17:17:25 -0400 Subject: [OTR-users] What distros ship with OTR software? In-Reply-To: <20050511181834.GX1071@smtp.paip.net> References: <20050511181834.GX1071@smtp.paip.net> Message-ID: <30A9D980-7A52-43F4-A938-E31876984010@lists.privaterra.org> Ian: it would be great to have OTR added in the next update/release Ubuntu linux. It's an up and coming distro that is quite nice. http://www.ubuntulinux.org/ regards Robert On 11-May-05, at 2:18 PM, Ian Goldberg wrote: > I'm making a list of distros that ship with OTR software. So far, > I've > got Gentoo, Debian sarge, Debian unstable, Ubuntu Breezy, FreeBSD, and > NetBSD. > > Does anyone have pointers to ones I've missed? > > Also, is anyone aware of an IM client other than Adium X which > supports > OTR natively? > > Thanks, > > - Ian > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > From kat at paip.net Wed May 11 17:23:00 2005 From: kat at paip.net (Kat Hanna) Date: Wed, 11 May 2005 17:23:00 -0400 (EDT) Subject: [OTR-users] What distros ship with OTR software? In-Reply-To: <30A9D980-7A52-43F4-A938-E31876984010@lists.privaterra.org> References: <20050511181834.GX1071@smtp.paip.net> <30A9D980-7A52-43F4-A938-E31876984010@lists.privaterra.org> Message-ID: Your wish is granted! That was easy. ;-) See below - Breezy is the next release, and OTR is in it. -Kat On Wed, 11 May 2005, Robert Guerra wrote: > Ian: > > it would be great to have OTR added in the next update/release Ubuntu > linux. It's an up and coming distro that is quite nice. > > http://www.ubuntulinux.org/ > > regards > > Robert > > On 11-May-05, at 2:18 PM, Ian Goldberg wrote: > > > I'm making a list of distros that ship with OTR software. So far, > > I've > > got Gentoo, Debian sarge, Debian unstable, Ubuntu Breezy, FreeBSD, and > > NetBSD. > > > > Does anyone have pointers to ones I've missed? > > > > Also, is anyone aware of an IM client other than Adium X which > > supports > > OTR natively? > > > > Thanks, > > > > - Ian > > _______________________________________________ > > OTR-users mailing list > > OTR-users at lists.cypherpunks.ca > > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > > > > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users > From gdt at ir.bbn.com Thu May 12 08:29:12 2005 From: gdt at ir.bbn.com (Greg Troxel) Date: 12 May 2005 08:29:12 -0400 Subject: [OTR-users] What distros ship with OTR software? In-Reply-To: <20050511181834.GX1071@smtp.paip.net> References: <20050511181834.GX1071@smtp.paip.net> Message-ID: Ian Goldberg writes: > I'm making a list of distros that ship with OTR software. So far, I've > got Gentoo, Debian sarge, Debian unstable, Ubuntu Breezy, FreeBSD, and > NetBSD. I think of "distro" as short for "Linux distribution", so I wouldn't use that word to apply to BSD, but I know what you mean. otr, and gaim-otr, are in NetBSD pkgsrc, but of course not in the base system. So "ship with" is true if you include pkgsrc, and it does make sense to include it, since the base system is (intentionally) fairly sparse. pkgsrc can be used on a huge list of operating systems - pretty much all modern relevant ones. Sun just donated servers to NetBSD, to run Solaris and be used to support pkgsrc on Solaris: http://www.netbsd.org/Foundation/press/sun-donation.html So while Solaris probably can't be said to "ship with" pkgsrc, it's a pretty easy way for Solaris users to get otr (and more importantly gaim, since gaim is much harder to compile by hand due to sheer number of dependencies). -- Greg Troxel From aldert at rotz.org Thu May 12 15:12:52 2005 From: aldert at rotz.org (Aldert J.B.P. Hazenberg) Date: Thu, 12 May 2005 21:12:52 +0200 Subject: [OTR-users] Works fine : Gaim 1.3.0 and OTR plugin for gaim 2.0.2 In-Reply-To: <20050511181834.GX1071@smtp.paip.net> References: <20050511181834.GX1071@smtp.paip.net> Message-ID: <4283AAB4.6020806@rotz.org> Hi, Gaim 1.3.0 was released 2 days ago : http://gaim.sourceforge.net/ It fixes a security bug or 2 so its a good idea to upgrade... http://gaim.sourceforge.net/security/index.php I downloaded the windows version and installed the OTR plugin for gaim version 2.0.2 available from the cypherpunks.ca website as well : http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.2.exe http://www.cypherpunks.ca/otr/binaries/windows/gaim-otr-2.0.2.exe.asc After some quick tests with AIM and ICQ it looks to -me- that the OTR plugin 2.0.2 that worked fine on Gaim 1.2.0 and 1.2.1 also works fine with Gaim 1.3.0. Aldert. From paul at cypherpunks.ca Thu May 12 18:45:37 2005 From: paul at cypherpunks.ca (Paul Wouters) Date: Fri, 13 May 2005 00:45:37 +0200 (CEST) Subject: [OTR-users] Works fine : Gaim 1.3.0 and OTR plugin for gaim 2.0.2 In-Reply-To: <4283AAB4.6020806@rotz.org> References: <20050511181834.GX1071@smtp.paip.net> <4283AAB4.6020806@rotz.org> Message-ID: On Thu, 12 May 2005, Aldert J.B.P. Hazenberg wrote: > After some quick tests with AIM and ICQ it looks to -me- that the OTR > plugin 2.0.2 that worked fine on Gaim 1.2.0 and 1.2.1 also works fine > with Gaim 1.3.0. Same here. Fedora pushed me the 1.30 gaim yesterday and it worked fine with the current libotr/gaim-otr. Paul From smujohnson at gmail.com Fri May 13 01:18:49 2005 From: smujohnson at gmail.com (smu johnson) Date: Thu, 12 May 2005 22:18:49 -0700 Subject: [OTR-users] Problem compiling in Ubuntu Linux Message-ID: <674e4ddd050512221834dc052a@mail.gmail.com> Hey all, checking for glib-2.0 >= 2.4 gtk+-2.0 >= 2.4 gaim >= 1.0... Requested 'glib-2.0 >= 2.4' but version of GLib is 2.0.0 configure: error: glib ./configure: line 19506: exit: gtk: numeric argument required ./configure: line 19506: exit: gtk: numeric argument required This is the problem when compiling the Gaim plugin.... unbelievable! I installed 2.0.4, 2.0.7, and now 2.0.0 and STILL get this error. Ubuntu has the libglib's already installed and they are 2.0. I don't know what the problem is! Thanks! From ian at cypherpunks.ca Fri May 13 09:18:02 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Fri, 13 May 2005 09:18:02 -0400 Subject: [OTR-users] Problem compiling in Ubuntu Linux In-Reply-To: <674e4ddd050512221834dc052a@mail.gmail.com> References: <674e4ddd050512221834dc052a@mail.gmail.com> Message-ID: <20050513131802.GQ1071@smtp.paip.net> On Thu, May 12, 2005 at 10:18:49PM -0700, smu johnson wrote: > Hey all, > > checking for glib-2.0 >= 2.4 gtk+-2.0 >= 2.4 gaim >= 1.0... Requested > 'glib-2.0 >= 2.4' but version of GLib is 2.0.0 > configure: error: glib > ./configure: line 19506: exit: gtk: numeric argument required > ./configure: line 19506: exit: gtk: numeric argument required > > This is the problem when compiling the Gaim plugin.... unbelievable! > I installed 2.0.4, 2.0.7, and now 2.0.0 and STILL get this error. > > Ubuntu has the libglib's already installed and they are 2.0. I don't > know what the problem is! You need at least version 2.4.0 of glib and gtk. Ubuntu Hoary has 2.6.3 in it (http://packages.ubuntu.com/hoary/libs/libglib2.0-0) so that should be fine. Warty's got 2.4.x in it, which is also fine. Where are you finding the 2.0.x versions? The command: $ pkg-config --modversion glib-2.0 will show you what version you've got installed. - Ian From jcohen07 at brandeis.edu Sat May 14 16:03:07 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Sat, 14 May 2005 16:03:07 -0400 Subject: [OTR-users] gaim-otr in debian unstable Message-ID: <4286597B.3000203@brandeis.edu> Debian unstable still has gaim-otr 2.0.1. Is there any plan to include 2.0.2 in unstable (sid)? It would be quite nice considering that debian also includes gaim-encryption and the two plugins conflict when used together in 2.0.1 but not in 2.0.2. Thanks. Jason From ian at cypherpunks.ca Mon May 16 16:41:30 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Mon, 16 May 2005 16:41:30 -0400 Subject: [OTR-users] Notice to users of iChat on OSX Tiger Message-ID: <20050516204130.GG1071@smtp.paip.net> It has come to our attention that the Tiger version of iChat continues to have the bug that existed in Panther (#3930228) which prevents it from connecting to a localhost SOCKS or HTTPS proxy. In addition, there is a new bug in Tiger (#4120243) which prevents iChat from using an HTTP proxy at all [http://discussions.info.apple.com/webx?13 at 367.qsNaabcKVYH.632707@.68adb401/0]. As a result, the Tiger version of iChat is completely unable to use a localhost proxy, and so will no longer work with otrproxy. This is very unfortunate, and the only workaround at the moment is to stick to Panther, or to use a different IM client. If you choose the latter, note that Adium X [http://www.adiumx.com/] now supports OTR natively; there is no need to use otrproxy with it. Feh. :-( - Ian From gorilla at i2pmail.org Tue May 17 08:45:12 2005 From: gorilla at i2pmail.org (gorilla) Date: Tue, 17 May 2005 12:45:12 +0000 (UCT) Subject: [OTR-users] IRC Message-ID: <20050517124512.A40374259@a.mx.i2pmail.org> Hi I can't find any reference to which protocols the gaim OTR plugin handles - does it do all of them? I can't get OTR to work with IRC. When I click the 'OTR:not private' button, I get an OTR Error popup window saying "We received a malformed Key Exchange message from BlahBlah". The other client gets this text coming up in the chat window: *blah:* test2 at irc.freenode.net has requested an Off-the-Record private conversation. However, you do not have a plugin to support that. *blah:* See http://www.cypherpunks.ca/otr/ for more information. This is Gaim 1.3.0 on Linux with OTR 2.0.2. I get the same thing trying to talk to Gaim and OTR running on windows. Any hints to get this working would be much appreciated, Gorilla. From ian at cypherpunks.ca Tue May 17 09:25:29 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue, 17 May 2005 09:25:29 -0400 Subject: [OTR-users] IRC In-Reply-To: <20050517124512.A40374259@a.mx.i2pmail.org> References: <20050517124512.A40374259@a.mx.i2pmail.org> Message-ID: <20050517132529.GM1071@smtp.paip.net> On Tue, May 17, 2005 at 12:45:12PM +0000, gorilla wrote: > Hi > > I can't find any reference to which protocols the gaim OTR plugin > handles - does it do all of them? > > I can't get OTR to work with IRC. When I click the 'OTR:not private' > button, I get an OTR Error popup window saying "We received a malformed > Key Exchange message from BlahBlah". The other client gets this text > coming up in the chat window: Indeed, it turns out IRC's maximum message size is too small for an OTR Key Exchange Message to fit. :-( Long-term, we'll need some manner of automated MMS-detection + fragmentation. What protocols does OTR work on? I'm pretty sure it's been tested on at least: - AIM - ICQ - Yahoo - MSN - Jabber - Sametime I think IRC's the only one it's been observed not to work on. If anyone out there has tested OTR on another protocol, post a note to let us know! We should certainly add this info to the web page. Thanks, - Ian From lists at lohengrin.net Tue May 17 10:49:39 2005 From: lists at lohengrin.net (lists at lohengrin.net) Date: Tue, 17 May 2005 09:49:39 -0500 Subject: [OTR-users] Trillian + otrproxy screenshots? In-Reply-To: <20050505231258.GC1071@smtp.paip.net>; from ian@cypherpunks.ca on Thu, May 05, 2005 at 07:12:58PM -0400 References: <20050505231258.GC1071@smtp.paip.net> Message-ID: <20050517094939.A2435@alliance.rogue-squad.com> * ian at cypherpunks.ca [2005.05.05 18:18]: > Can any of you Trillian + otrproxy users send some instructions (and > maybe screenshots?) on how to install / configure it? The trickiest bit > seems to be how to configure the per-protocol proxy settings in Trillian. Ian, Did you get any replies to this offlist? I didn't see any on the list and I'm interested as well. Cheers, Sean -- The Roman Rule: The one who says it cannot be done should never interrupt the one who is doing it. From ian at cypherpunks.ca Tue May 17 11:06:35 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue, 17 May 2005 11:06:35 -0400 Subject: [OTR-users] Trillian + otrproxy screenshots? In-Reply-To: <20050517094939.A2435@alliance.rogue-squad.com> References: <20050505231258.GC1071@smtp.paip.net> <20050517094939.A2435@alliance.rogue-squad.com> Message-ID: <20050517150635.GN1071@smtp.paip.net> On Tue, May 17, 2005 at 09:49:39AM -0500, lists at lohengrin.net wrote: > * ian at cypherpunks.ca [2005.05.05 18:18]: > > Can any of you Trillian + otrproxy users send some instructions (and > > maybe screenshots?) on how to install / configure it? The trickiest bit > > seems to be how to configure the per-protocol proxy settings in Trillian. > > Ian, > > Did you get any replies to this offlist? I didn't see any on the list > and I'm interested as well. Aldert's doing some. He sent me some raw screenshots, which he says he'll touch up and annotate. - Ian From aldert at rotz.org Tue May 17 18:09:42 2005 From: aldert at rotz.org (Aldert J.B.P. Hazenberg) Date: Wed, 18 May 2005 00:09:42 +0200 Subject: [OTR-users] Trillian + otrproxy screenshots? In-Reply-To: <20050517150635.GN1071@smtp.paip.net> References: <20050505231258.GC1071@smtp.paip.net> <20050517094939.A2435@alliance.rogue-squad.com> <20050517150635.GN1071@smtp.paip.net> Message-ID: <428A6BA6.4080103@rotz.org> Ian Goldberg wrote: > On Tue, May 17, 2005 at 09:49:39AM -0500, lists at lohengrin.net wrote: > >>* ian at cypherpunks.ca [2005.05.05 18:18]: >> >>>Can any of you Trillian + otrproxy users send some instructions (and >>>maybe screenshots?) on how to install / configure it? The trickiest bit >>>seems to be how to configure the per-protocol proxy settings in Trillian. >> >>Ian, >> >>Did you get any replies to this offlist? I didn't see any on the list >>and I'm interested as well. > > > Aldert's doing some. He sent me some raw screenshots, which he says > he'll touch up and annotate. > Gimme till tomorrow this time, I just got myself also Trillian Pro so I can compare if the 'free' version differs that much with the screenshots I have now. I plan to make a 'crude' webpage with nice screenshots, red arrows on them and some tekst around them. If you think you like to see a certain OTR action in (more) detail let me know (now or tomorrow) and I will include/add those. Aldert. From ian at cypherpunks.ca Thu May 19 15:55:58 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Thu, 19 May 2005 15:55:58 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? Message-ID: <20050519195558.GT1071@smtp.paip.net> The largest usability issue with OTR right now seems to me to be what happens when you try to talk to someone for the first time. Each side having to actively accept the other's fingerprint leads to all sorts of weird behaviours when one side accepts, and then starts typing before the other side accepts. [Len's bug #1198389 is related to this, as well.] There's also been call for removing the "Private connection established" dialog completely. So what would people think about this: - When you receive a new fingerprint, you're notified of this fact (with a dialog box), but it's automatically accepted right away. [Noting that approximately everyone just clicks "OK" anyway, this doesn't change the usual behaviour.] - If you *don't* want to accept the fingerprint, you'd have to delete it from your "known fingerprints" list. Like today, I don't intend for there to be a "known bad fingerprints" list. [Another option would be for the above dialog to continue to have "accept / not accept" buttons, and clicking the latter would cause the fingerprint to be deleted from the known fingerprints list (it would have been added the moment the dialog popped up).] - The "private connection established" dialog goes away (or is made optional), but the fingerprint and secure session id that are in there now must still be accessible somehow (clicking the "OTR: Private" button, maybe?). So, comments? Thanks, - Ian From bsittler at gmail.com Thu May 19 17:04:38 2005 From: bsittler at gmail.com (Benjamin C. Wiley Sittler) Date: Thu, 19 May 2005 14:04:38 -0700 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050519195558.GT1071@smtp.paip.net> References: <20050519195558.GT1071@smtp.paip.net> Message-ID: <428cff66.O0q4PDzAR1QmUpVA%bsittler@gmail.com> Ian Goldberg wrote: > The largest usability issue with OTR right now seems to me to be what > happens when you try to talk to someone for the first time. Each side > having to actively accept the other's fingerprint leads to all sorts of > weird behaviours when one side accepts, and then starts typing before > the other side accepts. [Len's bug #1198389 is related to this, as > well.] There's also been call for removing the "Private connection > established" dialog completely. > > So what would people think about this: > > - When you receive a new fingerprint, you're notified of this fact (with > a dialog box), but it's automatically accepted right away. [Noting > that approximately everyone just clicks "OK" anyway, this doesn't > change the usual behaviour.] > > - If you *don't* want to accept the fingerprint, you'd have to delete it > from your "known fingerprints" list. Like today, I don't intend for > there to be a "known bad fingerprints" list. [Another option would be > for the above dialog to continue to have "accept / not accept" > buttons, and clicking the latter would cause the fingerprint to be > deleted from the known fingerprints list (it would have been added the > moment the dialog popped up).] > > - The "private connection established" dialog goes away (or is made > optional), but the fingerprint and secure session id that are in there > now must still be accessible somehow (clicking the "OTR: Private" > button, maybe?). > > So, comments? > > Thanks, > > - Ian > _______________________________________________ > OTR-users mailing list > OTR-users at lists.cypherpunks.ca > http://lists.cypherpunks.ca/mailman/listinfo/otr-users Great! Will this mean I can once again use otrproxy with an ncurses aim client over ssh, without needing to worry about bringing up VNC to accept a conversation every time one of my buddies with OTR tries to chat? If so, I'm all for it... seems much easier than the wxcurses path I was on previously... -Be n From nikitab at gmail.com Thu May 19 17:25:27 2005 From: nikitab at gmail.com (Nikita Borisov) Date: Thu, 19 May 2005 14:25:27 -0700 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050519195558.GT1071@smtp.paip.net> References: <20050519195558.GT1071@smtp.paip.net> Message-ID: <16f0378d0505191425e584b24@mail.gmail.com> On 5/19/05, Ian Goldberg wrote: > > - The "private connection established" dialog goes away (or is made > optional), but the fingerprint and secure session id that are in there > now must still be accessible somehow (clicking the "OTR: Private" > button, maybe?). I think we should make the dialog go away, or at least replace it with some sort of inline display. I really like the way Adium handles that: it displays a message "Encrypted OTR chat initiated" inside the conversation window. Is there any hope of doing something like that under Gaim? It makes OTR so much nicer to use. - Nikita -------------- next part -------------- An HTML attachment was scrubbed... URL: From rgould at nosc.mil Fri May 20 10:08:47 2005 From: rgould at nosc.mil (Ryan B. Gould) Date: Fri, 20 May 2005 07:08:47 -0700 Subject: [OTR-users] Re: OTR-users digest, Vol 1 #63 - 3 msgs In-Reply-To: <20050520103135.5988.46123.Mailman@brandeis.paip.net> References: <20050520103135.5988.46123.Mailman@brandeis.paip.net> Message-ID: <291EDE46-82E2-45A2-972B-B1059F169487@nosc.mil> i like the third option (to be able to hide all that stuff. as far as i am concerned security should be made transparent. it should be made easy. trying to explain the concepts of keys (fingerprints) to my sixty-year-old father is a conversation i do not wish to have again. so, yes, an auto-accept checkbox would be fantastic. at the same time, as nikita said, the simple in-conversation message telling you that you are secure is also very nice. i cant tell you how much i appreciate this OTR stuff. it makes the world a better place. thanks ian, and co.. > So what would people think about this: > > - When you receive a new fingerprint, you're notified of this fact > (with > a dialog box), but it's automatically accepted right away. [Noting > that approximately everyone just clicks "OK" anyway, this doesn't > change the usual behaviour.] > > - If you *don't* want to accept the fingerprint, you'd have to > delete it > from your "known fingerprints" list. Like today, I don't intend for > there to be a "known bad fingerprints" list. [Another option > would be > for the above dialog to continue to have "accept / not accept" > buttons, and clicking the latter would cause the fingerprint to be > deleted from the known fingerprints list (it would have been > added the > moment the dialog popped up).] > > - The "private connection established" dialog goes away (or is made > optional), but the fingerprint and secure session id that are in > there > now must still be accessible somehow (clicking the "OTR: Private" > button, maybe?). > From jcohen07 at brandeis.edu Fri May 20 10:51:26 2005 From: jcohen07 at brandeis.edu (Jason Cohen) Date: Fri, 20 May 2005 10:51:26 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? Message-ID: <428DF96E.4080605@brandeis.edu> I like the idea of having the "private connection established" dialog box as an in-conversation message with the abiliity to get the session id and fingerprint by clicking the OTR Private button. However, I think there should still be an option to keep the old system in place with regard to accepting new fingerprints. The system is only secure if the fingerprint is authenticated out of bounds. Otherwise, you don't know who you're talking to. I understand that some users might not want to do this so they should have the option of auto-accepting new keys. I still think a dialog box should come up asking if you want to accept the fingerprint so that you can override the automatic choice without needing to access the known fingerprint list. I also like getting the "private connection established" dialog box as it clearly informs methat a private conversation has been started even if gaim is minimized. Could we have the option of keeping the "private connection established" dialog box, while setting the default as an in-conversation message? Also, I was wondering if gaim-otr 2.0.2 is going to be released on debian sid. libotr 2.0.2 is already in sid but the newest version of gaim-otr is 2.0.1 which conflicts with gaim-encryption. Jason Cohen From ian at cypherpunks.ca Fri May 20 11:38:19 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Fri, 20 May 2005 11:38:19 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <16f0378d0505191425e584b24@mail.gmail.com> References: <20050519195558.GT1071@smtp.paip.net> <16f0378d0505191425e584b24@mail.gmail.com> Message-ID: <20050520153819.GZ1071@smtp.paip.net> On Thu, May 19, 2005 at 02:25:27PM -0700, Nikita Borisov wrote: > On 5/19/05, Ian Goldberg wrote: > > > > - The "private connection established" dialog goes away (or is made > > optional), but the fingerprint and secure session id that are in there > > now must still be accessible somehow (clicking the "OTR: Private" > > button, maybe?). > > > I think we should make the dialog go away, or at least replace it with some > sort of inline display. I really like the way Adium handles that: it > displays a message "Encrypted OTR chat initiated" inside the conversation > window. Is there any hope of doing something like that under Gaim? It makes > OTR so much nicer to use. Certainly the "Private connection established" message can appear inline, but there still needs to be a way to bring up the fingerprint / session id. [Since I believe in gaim, if there's no conversation window open for a given buddy, messages directed to that window are simply discarded. That's OK for "Private connection established", but not for the session id, etc.] I'm thinking that clicking "OTR: Private" while a private conversation is active will pop up a window with that info in it, and also a button to refresh the private conversation (the current behaviour of clicking "OTR: Private"). Clicking "OTR: Not private" when there's no private conversation will continue to initiate one. - Ian From ian at cypherpunks.ca Fri May 20 11:48:53 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Fri, 20 May 2005 11:48:53 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <428cff66.O0q4PDzAR1QmUpVA%bsittler@gmail.com> References: <20050519195558.GT1071@smtp.paip.net> <428cff66.O0q4PDzAR1QmUpVA%bsittler@gmail.com> Message-ID: <20050520154853.GA1071@smtp.paip.net> On Thu, May 19, 2005 at 02:04:38PM -0700, Benjamin C. Wiley Sittler wrote: > Great! Will this mean I can once again use otrproxy with an ncurses aim > client over ssh, without needing to worry about bringing up VNC to accept > a conversation every time one of my buddies with OTR tries to chat? > > If so, I'm all for it... seems much easier than the wxcurses path I was on > previously... Sort of: it *would* still pop up windows letting you know things, but the default action of "don't click on anything" would cause the conversation to proceed (though the windows would pile up). We looked at wxcurses, but it seems it's not compatible with any recent version of wxWidgets. It looks likt the two ways to go (long term) for people using non-graphical IM clients are: 1. Make a non-graphical (probably curses) UI for otrproxy. The otrproxy code is already divided between the "proxy" part and the "UI" part; wxui/ is a separate directory. This was _exactly_ so that eventually a curses ui could be written. In this case, all of the otrproxy output would go to a separate window, but screen(1) can take care of that. This has the benefit of simultaneously supporting all non-graphical AIM clients that support proxies. 2. Make your IM client support OTR natively. This has the benefit of giving you OTR support for any IM protocol supported by your client, and not just AIM/ICQ. The OTR UI information can also be more seamlessly integrated into your existing client's UI. - Ian From gmaxwell at gmail.com Fri May 20 11:57:33 2005 From: gmaxwell at gmail.com (Gregory Maxwell) Date: Fri, 20 May 2005 11:57:33 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050520153819.GZ1071@smtp.paip.net> References: <20050519195558.GT1071@smtp.paip.net> <16f0378d0505191425e584b24@mail.gmail.com> <20050520153819.GZ1071@smtp.paip.net> Message-ID: On 5/20/05, Ian Goldberg wrote: > Certainly the "Private connection established" message can appear > inline, but there still needs to be a way to bring up the fingerprint / > session id. [Since I believe in gaim, if there's no conversation window > open for a given buddy, messages directed to that window are simply > discarded. That's OK for "Private connection established", but not for > the session id, etc.] > > I'm thinking that clicking "OTR: Private" while a private conversation > is active will pop up a window with that info in it, and also a button > to refresh the private conversation (the current behaviour of clicking > "OTR: Private"). Clicking "OTR: Not private" when there's no private > conversation will continue to initiate one. That would be fine, but I'd think I'd like to be able to set per user 'no new fingerprints' ... If it's automagic I really don't trust myself to notice a fingerprint change, and I have contacts whom I know will not be changing finger prints. In the case of 'no new fingerprints' the otr establishment should just be rejected until I go toggle that option. While we're doing that we can put a button inside that popup to disable OTR. It would also be useful to have a /otr disable or something that you can just type into the chat window. Ditto for toggling 'no new fingerprints', I suppose. The reason I request this is because I have some contacts who use OTR most of the time.. but sometimes they login from some place without OTR and my client still thinks they are running OTR. I say something to them, they get OTR goop, and they contiune screaming at me that they have no OTR while I'm frantically navigating through preferences trying to end the private session to keep them from being spammed with OTR messages. :) From ian at cypherpunks.ca Fri May 20 11:58:09 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Fri, 20 May 2005 11:58:09 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <428DF96E.4080605@brandeis.edu> References: <428DF96E.4080605@brandeis.edu> Message-ID: <20050520155809.GB1071@smtp.paip.net> On Fri, May 20, 2005 at 10:51:26AM -0400, Jason Cohen wrote: > I like the idea of having the "private connection established" dialog > box as an in-conversation message with the abiliity to get the session > id and fingerprint by clicking the OTR Private button. However, I think > there should still be an option to keep the old system in place with > regard to accepting new fingerprints. The system is only secure if the > fingerprint is authenticated out of bounds. Otherwise, you don't know > who you're talking to. I understand that some users might not want to do > this so they should have the option of auto-accepting new keys. I still > think a dialog box should come up asking if you want to accept the > fingerprint so that you can override the automatic choice without > needing to access the known fingerprint list. Right. So there would be something like a "Require explicit confirmation of new fingerprints" option, default off. If it's off: - When a new fingerprint comes in, it's auto-accepted, so that the conversation can proceed. - A dialog box showing the new fingerprint is displayed, with "Yes" and "No" buttons. - The "Yes" button simply dismisses the dialog box. - The "No" button ends the private connection, forgets the fingerprint, and dismisses the dialog box. If it's on (the current behaviour): - When a new fingerprint comes in, it's not auto-accepted. Messages that come in at this point will generate errors. - A dialog box showing the new fingerprint is displayed, with "Yes" and "No" buttons. - The "Yes" button accepts the fingerprint, and dismisses the dialog box. - The "No" button simply dismisses the dialog box. > I also like getting the "private connection established" dialog box as > it clearly informs methat a private conversation has been started even > if gaim is minimized. Could we have the option of keeping the "private > connection established" dialog box, while setting the default as an > in-conversation message? A "Display 'private connection established' dialogs" checkbox, default off. If it's off, you get the behaviour I decribed in the other message. If it's on, you get the current behaviour (but clicking the "OTR: Private" button would still bring up the window, and you'd have to click a button on *that* window to refresh the private connection; this seems ugly, though; if someone's got a better UI suggestion for how to (a) bring up the session id information, or (b) refresh a private connection, please speak up!). > Also, I was wondering if gaim-otr 2.0.2 is going to be released on > debian sid. libotr 2.0.2 is already in sid but the newest version of > gaim-otr is 2.0.1 which conflicts with gaim-encryption. You'll have to ask Thibaut, the debian maintainter, about that. - Ian From rgould at nosc.mil Fri May 20 16:17:32 2005 From: rgould at nosc.mil (Ryan B. Gould) Date: Fri, 20 May 2005 13:17:32 -0700 Subject: [OTR-users] Re: OTR-users digest, Vol 1 #63 - 3 msgs In-Reply-To: <20050520103135.5988.46123.Mailman@brandeis.paip.net> References: <20050520103135.5988.46123.Mailman@brandeis.paip.net> Message-ID: <428E45DC.3090304@nosc.mil> a good example of why it would be best/great to auto-accept keys is when you are oh two different machines chatting with the same person. an example: you are at home and you have an OTR chat going with someone. then you quit the chat. the person you are chatting with either closes the window or leaves it open (it doesnt matter which). then you go to work and login there. the person you were chatting with still thinks that you are using the old key (fingerprint). then both your attempts to chat with each other barfs with all sorts of malformed packet errors and you are forced to re-establish a connection. if the person that you are chatting with happens to be using windows gaim with the OTR pugin, and they are away from their machine.. they can come back to quite a few error messages. > So what would people think about this: > > - When you receive a new fingerprint, you're notified of this fact > (with > a dialog box), but it's automatically accepted right away. [Noting > that approximately everyone just clicks "OK" anyway, this doesn't > change the usual behaviour.] > > - If you *don't* want to accept the fingerprint, you'd have to > delete it > from your "known fingerprints" list. Like today, I don't intend for > there to be a "known bad fingerprints" list. [Another option > would be > for the above dialog to continue to have "accept / not accept" > buttons, and clicking the latter would cause the fingerprint to be > deleted from the known fingerprints list (it would have been > added the > moment the dialog popped up).] > > - The "private connection established" dialog goes away (or is made > optional), but the fingerprint and secure session id that are in > there > now must still be accessible somehow (clicking the "OTR: Private" > button, maybe?). > From alaricd at pengdows.com Fri May 20 16:37:42 2005 From: alaricd at pengdows.com (Alaric Dailey) Date: Fri, 20 May 2005 15:37:42 -0500 Subject: [OTR-users] =?us-ascii?B?UkU6IFtPVFItdXNlcnNdIFJlOiBPVFItdXNlcnMgZGlnZXN0LCBWb2wgMSAjNjMgLSAzIG1zZ3M=?= Message-ID: I like the way Simp (www.secway.fr) handles it, giving you a key manager so you can take your fingerprint/keyrings with you from machine to machine. having a keyring highlights new and untrusted keys so you are aware of changes My modification of the their way to do it, (borrowing from other emails I have seen) would be to give a status in the window letting you know that while you are encrypted its a "new or untrusted" key. so if you don't trust yourself to look at new or changed autoaccepted keys you will still know, or if you don't care, you can ignore it. If there is such a "keyring" feature currently in OTR I haven't found it. Forgive me if I don't know all the features of OTR, I have only started using it. Original Message ----------------------- a good example of why it would be best/great to auto-accept keys is when you are oh two different machines chatting with the same person. an example: you are at home and you have an OTR chat going with someone. then you quit the chat. the person you are chatting with either closes the window or leaves it open (it doesnt matter which). then you go to work and login there. the person you were chatting with still thinks that you are using the old key (fingerprint). then both your attempts to chat with each other barfs with all sorts of malformed packet errors and you are forced to re-establish a connection. if the person that you are chatting with happens to be using windows gaim with the OTR pugin, and they are away from their machine.. they can come back to quite a few error messages. > So what would people think about this: > > - When you receive a new fingerprint, you're notified of this fact > (with > a dialog box), but it's automatically accepted right away. [Noting > that approximately everyone just clicks "OK" anyway, this doesn't > change the usual behaviour.] > > - If you *don't* want to accept the fingerprint, you'd have to > delete it > from your "known fingerprints" list. Like today, I don't intend for > there to be a "known bad fingerprints" list. [Another option > would be > for the above dialog to continue to have "accept / not accept" > buttons, and clicking the latter would cause the fingerprint to be > deleted from the known fingerprints list (it would have been > added the > moment the dialog popped up).] > > - The "private connection established" dialog goes away (or is made > optional), but the fingerprint and secure session id that are in > there > now must still be accessible somehow (clicking the "OTR: Private" > button, maybe?). > _______________________________________________ OTR-users mailing list OTR-users at lists.cypherpunks.ca http://lists.cypherpunks.ca/mailman/listinfo/otr-users From paul at cypherpunks.ca Sat May 21 18:26:07 2005 From: paul at cypherpunks.ca (Paul Wouters) Date: Sun, 22 May 2005 00:26:07 +0200 (CEST) Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050519195558.GT1071@smtp.paip.net> References: <20050519195558.GT1071@smtp.paip.net> Message-ID: On Thu, 19 May 2005, Ian Goldberg wrote: > The largest usability issue with OTR right now seems to me to be what > happens when you try to talk to someone for the first time. Each side > having to actively accept the other's fingerprint leads to all sorts of > weird behaviours when one side accepts, and then starts typing before > the other side accepts. How about having three states of OTR: red: Insecure communication yellow: Using OTR, but not manually configured the fingerprint green: Using OTR, confirmed fingerprint. The OTR button could then change from green to yellow automatically, without nasty windows, and the button can provide a way to go from yellow to green, using similar popups that are in use today. A configuration option could be added which disallows the yellow state, causing the current (paranoid) kind of setup. This option could be called "Allow leap-of-faith OTR communication". Some help button/option should be available to more elaborately explain the differences and the risks to the users. The second issue is when a user now changes key. Should we still allow the leap of faith, ir should this always pop up a warning? I think if you get multiple keys for a single identity, we should always do some warning. Another aspect of this kind of setup could be to allow importing of fingerprints through external methods. This could be http, ldap or dns. For example, one could put a fingerprint in a TXT or OTRKEY dns record, which would hopefully be signed by someone you trust somewhere in the hierarchy. Paul From paul at cypherpunks.ca Sat May 21 18:30:20 2005 From: paul at cypherpunks.ca (Paul Wouters) Date: Sun, 22 May 2005 00:30:20 +0200 (CEST) Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050520155809.GB1071@smtp.paip.net> References: <428DF96E.4080605@brandeis.edu> <20050520155809.GB1071@smtp.paip.net> Message-ID: On Fri, 20 May 2005, Ian Goldberg wrote: > Right. So there would be something like a "Require explicit > confirmation of new fingerprints" option, default off. > > If it's off: > - When a new fingerprint comes in, it's auto-accepted, so that the > conversation can proceed. > - A dialog box showing the new fingerprint is displayed, with "Yes" > and "No" buttons. > - The "Yes" button simply dismisses the dialog box. > - The "No" button ends the private connection, forgets the > fingerprint, and dismisses the dialog box. > > If it's on (the current behaviour): > - When a new fingerprint comes in, it's not auto-accepted. Messages > that come in at this point will generate errors. > - A dialog box showing the new fingerprint is displayed, with "Yes" > and "No" buttons. > - The "Yes" button accepts the fingerprint, and dismisses the > dialog box. > - The "No" button simply dismisses the dialog box. Couldn't the OTR client who gets the unknown fingerprint send back a "hold further messages until I send an OK" message? Then the sending client could, when the user types in another message, either tell the user the message will be queued or just tell it it is not allowed to send more messages until the fingerprint is accepted? I think queueing on the sending client is safer then transmitting in unconfirmed fingerprint fashion to begin with? Paul From vittoso at email.it Wed May 25 14:12:37 2005 From: vittoso at email.it (Vittorio Sozzi) Date: Wed, 25 May 2005 20:12:37 +0200 Subject: [OTR-users] 2.0.2 for FC3 Message-ID: <4294C015.9010409@email.it> Dear OTR experts, would it be possibile to have, in the download section, an RPM for Fedora Core 3 of the 2.0.2 version of the OTR plugin for gaim? I tried to build the RPM from source but I didn't not succeeded (probably a library failure). Thanks for your time! Cordially. From paul at cypherpunks.ca Wed May 25 18:11:28 2005 From: paul at cypherpunks.ca (Paul Wouters) Date: Thu, 26 May 2005 00:11:28 +0200 (CEST) Subject: [OTR-users] 2.0.2 for FC3 In-Reply-To: <4294C015.9010409@email.it> References: <4294C015.9010409@email.it> Message-ID: On Wed, 25 May 2005, Vittorio Sozzi wrote: > Dear OTR experts, > would it be possibile to have, in the download section, an RPM for > Fedora Core 3 of the 2.0.2 version of the OTR plugin for gaim? I tried > to build the RPM from source but I didn't not succeeded (probably a > library failure). We had the same problems too. Perhaps I can spend some more time over the weekend and get an rpm going. Paul From alex323 at gmail.com Thu May 26 13:17:54 2005 From: alex323 at gmail.com (alex323) Date: Thu, 26 May 2005 13:17:54 -0400 Subject: [OTR-users] OTR chatroom? Message-ID: <429604C2.6070605@gmail.com> You think there should be an IRC room for OTR? I think it would be great. - Alex -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 825 bytes Desc: OpenPGP digital signature URL: From gdt at ir.bbn.com Tue May 31 08:58:57 2005 From: gdt at ir.bbn.com (Greg Troxel) Date: 31 May 2005 08:58:57 -0400 Subject: [OTR-users] Opinions on proposed "unknown fingerprint" behaviour? In-Reply-To: <20050520155809.GB1071@smtp.paip.net> References: <428DF96E.4080605@brandeis.edu> <20050520155809.GB1071@smtp.paip.net> Message-ID: I like your behaviors for fingerprints, except I'd use "Accept" and "Discard". Obviously getting a new fingerprint for a name that already has a fingerprint always generates a box, and doesn't do any auto-accept, but I had to say it. [while we are talking UI] I don't use the refresh button often, so having the OTR button pop up a more complicated dialog box would be fine. When I do use it, it's because I suspect the other person has restarted their client, or changed computers. So, I'd like to see idle timer on keys, causing them to be marked stale, perhaps 30 minutes default when sending with a stale key, send a ping message, recognizable as such to the counterparty even if not keyed, to trigger key exchange, and then send the message. Right now this is my biggest usability issue. New correspondents are very rare compared to current ones switching among their multiple computers. Also, gaim/otr doesn't cope well with being logged in on multiple computers at once. I need to test and write up a real bug report... -- Greg Troxel From gdt at ir.bbn.com Tue May 31 09:00:32 2005 From: gdt at ir.bbn.com (Greg Troxel) Date: 31 May 2005 09:00:32 -0400 Subject: [OTR-users] Re: OTR-users digest, Vol 1 #63 - 3 msgs In-Reply-To: <428E45DC.3090304@nosc.mil> References: <20050520103135.5988.46123.Mailman@brandeis.paip.net> <428E45DC.3090304@nosc.mil> Message-ID: "Ryan B. Gould" writes: > a good example of why it would be best/great to auto-accept keys is > when you are oh two different machines chatting with the same > person. an example: you are at home and you have an OTR chat going > with someone. then you quit the chat. the person you are chatting > with either closes the window or leaves it open (it doesnt matter > which). then you go to work and login there. the person you were > chatting with still thinks that you are using the old key > (fingerprint). then both your attempts to chat with each other > barfs with all sorts of malformed packet errors and you are forced > to re-establish a connection. if the person that you are chatting > with happens to be using windows gaim with the OTR pugin, and they > are away from their machine.. they can come back to quite a few > error messages. I think the discussion is about fingerprints for public keys used to sign key exchange, not about session keys. I routinely do what you describe and don't have issues but do need to refresh the key exchange when one person switches computers. I've long ago accepted the 2-3 fingerprints for each of my correspondents' machines. -- Greg Troxel From rgould at nosc.mil Tue May 31 10:42:05 2005 From: rgould at nosc.mil (Ryan B. Gould) Date: Tue, 31 May 2005 07:42:05 -0700 Subject: [OTR-users] Re: OTR-users digest, Vol 1 #63 - 3 msgs In-Reply-To: References: <20050520103135.5988.46123.Mailman@brandeis.paip.net> <428E45DC.3090304@nosc.mil> Message-ID: <4FE8A8A9-6B61-4699-BBD0-2482ADE7FBF6@nosc.mil> On May 31, 2005, at 6:00 AM, Greg Troxel wrote: > "Ryan B. Gould" writes: > >> a good example of why it would be best/great to auto-accept keys is >> when you are oh two different machines chatting with the same >> person. an example: you are at home and you have an OTR chat going >> with someone. then you quit the chat. the person you are chatting >> with either closes the window or leaves it open (it doesnt matter >> which). then you go to work and login there. the person you were >> chatting with still thinks that you are using the old key >> (fingerprint). then both your attempts to chat with each other >> barfs with all sorts of malformed packet errors and you are forced >> to re-establish a connection. if the person that you are chatting >> with happens to be using windows gaim with the OTR pugin, and they >> are away from their machine.. they can come back to quite a few >> error messages. >> > > I think the discussion is about fingerprints for public keys used to > sign key exchange, not about session keys. I routinely do what you > describe and don't have issues but do need to refresh the key exchange > when one person switches computers. I've long ago accepted the 2-3 > fingerprints for each of my correspondents' machines. > -- > Greg Troxel okay, fair enough. my apologies to everyone for not having analyzed the situation thoroughly before piping up. perhaps it has something to do with the new (to me) "fingerprint" lingo. yes, the accepting of the keys should still be a manual yes/no process. OTR implementations on mac and windows do a great job at this. still, having the option of an auto-accept might be a nice not-default option. at the same time, i have experienced a situation on both mac and windows where public keys need to be re-accepted, even though they have been accepted previously. are the public keys set to expire? or is there something in the OTR implementation that rotates keys out after a certain amount of time? off topic/next topic: i think that the session keys are the ones that should be auto-accepted (or have the ability to choose that option). both the mac and the window implementations dont do a very good job at handling a situation where the session key(s) have have changed. perhaps something in the hand-shaking needs to be revised so the two clients dont puke all over each other. an auto-re-negotiation rather than an auto-acceptance? From aldert at rotz.org Tue May 31 12:26:48 2005 From: aldert at rotz.org (Aldert J.B.P. Hazenberg) Date: Tue, 31 May 2005 18:26:48 +0200 Subject: [OTR-users] Trillian + otrproxy screenshots In-Reply-To: <20050505231258.GC1071@smtp.paip.net> References: <20050505231258.GC1071@smtp.paip.net> Message-ID: <429C9048.5080602@rotz.org> Ian Goldberg wrote: > Can any of you Trillian + otrproxy users send some instructions (and > maybe screenshots?) on how to install / configure it? The trickiest bit > seems to be how to configure the per-protocol proxy settings in Trillian. > Hi Ian/People, http://rotz.org/archives/2005/05/otr_trillian.html Additions/corrections are very welcome !!! Aldert. From cyborgspiders2 at gmail.com Tue May 31 21:30:47 2005 From: cyborgspiders2 at gmail.com (Richard Pierce) Date: Tue, 31 May 2005 19:30:47 -0600 Subject: [OTR-users] otr + gaim + openbsd Message-ID: <2d19e76d0505311830e965d17@mail.gmail.com> Hello all, I am new to OpenBSD and gaim, but I must say I like both. I have used gaim with Off The Record on Windows, and I really appreciate the seemless installation and use. I am wondering, has anyone had OTR working with Gaim 1.1.4 on OpenBSD 3.7? Greg Magnusson glm at cyborgspiders.com From ian at cypherpunks.ca Tue May 31 23:18:23 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue, 31 May 2005 23:18:23 -0400 Subject: [OTR-users] otr + gaim + openbsd In-Reply-To: <2d19e76d0505311830e965d17@mail.gmail.com> References: <2d19e76d0505311830e965d17@mail.gmail.com> Message-ID: <20050601031823.GG1071@smtp.paip.net> On Tue, May 31, 2005 at 07:30:47PM -0600, Richard Pierce wrote: > Hello all, > > I am new to OpenBSD and gaim, but I must say I like both. I have used > gaim with Off The Record on Windows, and I really appreciate the > seemless installation and use. I am wondering, has anyone had OTR > working with Gaim 1.1.4 on OpenBSD 3.7? I see no reason why it shouldn't work; it certainly works on NetBSD and FreeBSD. Have you tried it? - Ian