<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title></title>
<style type="text/css">
<!--
body{margin-left:10px;margin-right:10px;margin-top:10px;margin-bottom:10px;}
-->
</style>
</head>
<body marginleft="10" marginright="10" margintop="10" marginbottom="10">
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">OTR stopped being able to connect over ICQ connections for me again yesterday.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">I've tried the "OTR start private conversation" option many, many times over many hours and it never seems to connect.</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">Pidgin v2.10.9, OTR v4.0.0</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">Here's the output from "pidgin -d" (with the ICQ # of the recipient replaced with "xxxx")</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">-----</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:03) util: Writing file prefs.xml to directory C:\Users\xxxx\AppData\Roaming\.purple</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:03) util: Writing file C:\Users\xxxx\AppData\Roaming\.purple\prefs.xml</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:15) oscar: Sending IM, charset=0x0000, length=292</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:15) oscar: rate change (param ID 0x0001): curavg = 5276, maxavg = 6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at 800,</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;"> delta is 42966, dropping is 0 (window size = 80)</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:15) oscar: Sent message to xxxx.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:35) oscar: Sending IM, charset=0x0000, length=292</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:35) oscar: rate change (param ID 0x0001): curavg = 6000, maxavg = 6000, alert at 2000, clear warning at 2500, limit at 1500, disconnect at 800,</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;"> delta is 63244, dropping is 0 (window size = 80)</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">(16:52:35) oscar: Sent message to xxxx.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">-----</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">I tried a Wireshark packet capture and got some strange results.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">Wireshark says the protocol is "SSL", but the data doesn't look encrypted to me.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">Here's the output, with my ICQ# replaced with "888888" and the recipient's replaced with "999999".</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">What is the number "003112075"?  Somehow it looks like an ID# that should refer to me, but I don't have that in my records.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">And why does it say "OTRv23"? Is that the protocol version while 4.0 is the plugin version?</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">-----</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">*..0.T.........00312075....888888...1.........(....<HTML><BODY>?OTRv23?</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;"><b>888888</b> has requested an <a href="http://otr.cypherpunks.ca/">Off-the-Record private conversation</a>.  However, you do not have a plugin to support that.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">See <a href="http://otr.cypherpunks.ca/"><a href="http://otr.cypherpunks.ca/" target="_blank">http://otr.cypherpunks.ca/</a></a> for more information.</BODY></HTML>....*..T.....</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">...............0.............P................ ...p...p..T.......P...................p...p..V.................................."............|.......h.......@...@..V.......</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">...|.......h.......@...@..V..*...U.I.........00312075....999999...$56803284-fe3e-11e3-bc61-6431504adae8.</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">....*..1..</font></div>
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">-----</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">PS: Sadly, I'll be away from a keyboard for about 10 days.</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Calibri" size="+1" color="#000000" style="font-family:Calibri;font-size:14pt;color:#000000;">--Bits</font></div>
<br />
<div align="left" style="text-align:left;"><font face="Arial" size="+0" color="#000000" style="font-family:Arial;font-size:10pt;color:#000000;"><b>"Ian Goldberg ian-at-cypherpunks.ca |otr/Example Allow|" <o6tl2bav6t@sneakemail.com> writes:</b></font></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">On Wed, Oct 30, 2013 at 10:09:03PM -0400, Bits wrote:</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> I just gave Wireshark a go - getting inside this stream's going to be a</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> pain - all Wireshark's showing me is that everything's happening inside</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> SSL/TLS. I suppose that means to get meaningful messages Pidgin needs to</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> be run through some kinda of decrypting HTTPS proxy server, MitM style.</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> </font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> Not really sure how to do that; the proxy would need to gen certs on the</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> fly and sign them with a key Pidgin can be made to trust. Is there an</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">> easier way?</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">In your pidgin Accounts list, you can set your ICQ account to not use</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">TLS.</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">- Ian</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">_______________________________________________</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">OTR-users mailing list</font></span></div>
<div align="left" style="text-align:left;"><span style="background-color:#d0d0d0;"><font face="Times New Roman" size="+0" color="#000000" style="font-family:Times New Roman;font-size:12pt;color:#000000;">OTR-users@lists.cypherpunks.ca</font></span></div>
<br />
<br/>
</body>
</html>