[OTR-dev] buglet in otrproxy?
Ian Goldberg
ian at cypherpunks.ca
Thu Feb 3 08:29:50 EST 2005
On Thu, Feb 03, 2005 at 01:36:28AM +0100, Paul Wouters wrote:
>
> I just had a friend install the otr proxy for macosx. We have never communicated
> using OTR. I have opportustic on in the global config
> He logged off to change to his proxy, and then this happened:
>
> (01:16:39) Aaron logged in.
> (01:16:52) The encrypted message received from severeddreamsphx is unreadable, as you are not currently communicating privately.
> (01:17:02) 9944856: test?
> (01:17:03) 9944856: cool
> (01:17:07) 9944856: This is encrypted :)
> (01:17:10) Aaron: That's odd, I got this error message
> (01:17:18) Aaron: from your client
> (01:17:19) Aaron: w0rd
> ?OTR Error: You sent encrypted data to 9944856, who wasn't expecting it.
> (01:17:22) 9944856: (01:16:52) The encrypted message received from severeddreamsphx is unreadable, as you are not currently communicating privately.
> (01:17:30) 9944856: yeah, i think it was a kickstart problem
>
> I am not sure how the proxy could have send me a private message first,
> before triggering the key exchange.
Ah, I think I know what happened:
- One of you triggers Key Exchange.
- Neither of you has seen the other's fingerprint before.
- Aaron accepts yours, and types something, but you haven't accepted his
yet.
- Your end gets an encrypted message, but discards it with the above
error, since it hasn't been told to accept the fingerprint.
- You accept the fingerprint, and continue the conversation.
I'm not sure we should be queueing incoming packets while waiting for
you to accept a fingerprint, though.
- Ian
More information about the OTR-dev
mailing list