<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title></title>
<style type="text/css">
<!--
body{margin-left:10px;margin-right:10px;margin-top:10px;margin-bottom:10px;}
-->
</style>
</head>
<body marginleft="10" marginright="10" margintop="10" marginbottom="10">
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">There is absolutely the option to disable encryption in Pidgin (Accounts: Manage Accounts: select the account: Modify...: Advanced Tab: "Connection Security" field).</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">But now that I go to use this, I'm unable to reproduce the problem.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">It's taking longer to start the private conversation (still under a minute), but it seems to be working.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">Not sure what to make of this, there certainly was a change and things aren't back to "normal" yet.</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">--Bits</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Arial" size="+0" color="#000000" style="font-family:Arial;font-size:10pt;color:#000000;"><b>"Ian Goldberg ian-at-cypherpunks.ca |otr/Example Allow|" <<a href="mailto:o6tl2bav6t@sneakemail.com">o6tl2bav6t@sneakemail.com</a>> writes:</b></font></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">On Wed, Oct 30, 2013 at 10:09:03PM -0400, Bits wrote:</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> I just gave Wireshark a go - getting inside this stream's going to be a</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> pain - all Wireshark's showing me is that everything's happening inside</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> SSL/TLS. I suppose that means to get meaningful messages Pidgin needs to</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> be run through some kinda of decrypting HTTPS proxy server, MitM style.</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> </font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> Not really sure how to do that; the proxy would need to gen certs on the</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> fly and sign them with a key Pidgin can be made to trust. Is there an</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> easier way?</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">In your pidgin Accounts list, you can set your ICQ account to not use</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">TLS.</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">- Ian</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">_______________________________________________</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">OTR-users mailing list</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;"><a href="mailto:OTR-users@lists.cypherpunks.ca">OTR-users@lists.cypherpunks.ca</a></font></span></div>
<br />
<br/>
</body>
</html>