[OTR-dev] Multiple Accounts online
Greg Troxel
gdt at ir.bbn.com
Mon Jun 13 10:18:32 EDT 2005
Ian Goldberg <ian at cypherpunks.ca> writes:
> On Sun, Jun 05, 2005 at 09:58:30PM -0400, alex323 wrote:
> > Heh. I recently discovered that OTR doesn't like it when I am logged in
> > once from two different machines. I've read the protocol enough to know
> > why :)
> >
> > Any ideas to support this?
>
> That's a known problem with protocols (like AIM, since they changed its
> behaviour) that allow you to log in more than once, and send copies of
> your incoming messages to all of your logins. [Jabber, for example,
> doesn't have this problem, since it distinguishes your logins.]
Jabber doesn't have this problem, but I find otr/jabber to be
problematic. I think the problem arises from sending messages without
an explicit resource until there is a conversation in progress, but I
haven't tracked it down.
> What *should* happen here? If Alice is logged in multiple times, and
> Bob tries to start an OTR conversation with her, all of her clients
> will receive the OTR Query message, and will respond with a Key
> Exchange. Bob will then receive multiple Key Exchanges. What should he
> do then? [It's even worse if Bob is also logged in multiple times!]
This is a tough call, but it seems that e2e crypto state requires
naming (weakly) the actual endpoints, so someone we have to construct
point-to-point channels from the multicast channel that is provided.
So one would have to add resource names on top of things like AIM.
--
Greg Troxel <gdt at ir.bbn.com>
More information about the OTR-dev
mailing list