[OTR-dev] handling jabber resources

Greg Troxel gdt at ir.bbn.com
Thu Dec 23 10:03:42 EST 2004

I've come across a situation where the otr plugin seems buggy, but I'm
not 100% sure what happened.

On computer A, I am able to OTR with party P using jabber.
On computer B, I log on to jabber with a different resource.
P's computer (same one) perceives, I think, that the OTR key is still
valid, and thus sends a message encrypted.

bug 1 is that the key exchange should be bound to the 'resource',
since it can't be used with other computers.

bug 2 is that after getting

 The encrypted message received from [redacted] is unreadable, as you
 are not currently communicating privately.

and doing key exchange, this didn't get resent.  It should have gotten
an OTR nak of some sort from my client, which was OTR enabled.

(Some people use the same resource on multiple machines, but that's
broken; I'm not talking about that situation.)

More information about the OTR-dev mailing list