[OTR-dev] Decrypting messages from an old OTR conversation
Ian Goldberg
ian at cypherpunks.ca
Thu Mar 2 08:48:46 EST 2006
On Mon, Feb 27, 2006 at 08:08:38PM +0100, Paul Wouters wrote:
> On Mon, 27 Feb 2006, Evan Schoenberg wrote:
>
> > The problem: some services support serverside offline messaging. Yahoo and
> > ICQ, for example. If Bob is in an encrypted conversation with Alice, and
> > Alice signs offline, the service still allows Bob to message Alice, storing
> > the (encrypted) message on the server for delivery when Alice next signs
> > online. Bob knows that Alice has the information for decrypting his message,
> > since they've been communicating previously...
> >
> > So Alice signs on a day later... but she can't read the message, since the
> > conversation has since ended. She receives:
> > The encrypted message received from Bob is unreadable, as you are not
> > currently communicating privately.
>
> When signing off, the client should close the OTR connection to the
> "finished" state.
To be clear: when Alice's client is about to go offline, it should send
OTRL_TLV_DISCONNECTED packets to each of the buddies with which she
currently has a OTRL_MSGSTATE_ENCRYPTED session (and protocol version
greater than 1). That will notify Bob's client that Alice can no longer
read encrypted messages, and it won't try to send one.
See process_quitting() in gaim-otr/otr-plugin.c to check out how gaim
does this.
- Ian
More information about the OTR-dev
mailing list