[OTR-dev] MAC keys to be revealed
Ian Goldberg
ian at cypherpunks.ca
Thu Jan 20 20:13:54 EST 2005
On Fri, Jan 21, 2005 at 02:03:31AM +0100, Paul Wouters wrote:
> On Thu, 20 Jan 2005, Ian Goldberg wrote:
>
> > On Thu, Jan 20, 2005 at 04:06:28PM -0500, alex323 wrote:
> > > Do you HAVE to send out your old MAC keys?
> >
> > Even moreso than all those surveillance cameras everywhere, it's
> > For Your Protection. You really really want people to be able to forge
> > messages after the fact.
> >
> > HAVE to? There's no client out there (yet) that will complain if you
> > don't, but it's a really good idea to do it.
>
> OTR should check for the MAC leakage, and warn me or even disconnect the OTR
> session if it detects the remove client doesn't do this. I consider this to
> be essential to OTR.
As long as *one* of you is doing it right, you're at least assured that
all the keys are being published. [Each side publishes both his sending
and receiving MAC keys for exactly this reason.]
But it's probably a good idea to do something if the other side isn't
playing along.
- Ian
More information about the OTR-dev
mailing list