[OTR-dev] finished state and restart

Paul Wouters paul at cypherpunks.ca
Thu Jan 25 11:06:24 EST 2007


On Thu, 25 Jan 2007, Greg Troxel wrote:

> I am glad that there is a 'finished' state; this seems good both from
> a cleanliness view (avoids sending data that can't be read) and that
> the last auth keys are disclosed (presumably).  But there's a UI
> annoyance with gaim-otr that I'll describe and that I think might be
> fixable.
>
> I regularly talk to Bob, and have verified fingerprints.
> I have settings of enable, automatically initiate, and require.
> When I start gaim, the status is 'not private'.  I then type
> something, and hit return, and get "Attempting to start a private
> conversation...", then see my message, and "Private conversation with
> Bob/foo started."
>
> (There's perhaps a minor bug in that the 'started' line should precede
> the message, or else a serious bug that it was sent un-OTRed.)

If you use "opportunistic mode", eg "on demand", then your first message
will always be plaintext, upon which the other end sees you can do OTR
and replies encrypted. If you want to prevent your first message from
being plaintext, either click on OTR to start before typing, or change
the preference for this user to "require OTR".

> Bob exits gaim, and that causes me to get a finished notification and
> to enter state finished.  This is fine.
>
> Later, Bob logs in again, and I type a line or two, and hit return,
> not paying attention to finished.   I'm told that i'm in finished and
> my message was not sent, but it's lost and I have to retype after
> clicking the otr button to start a new session.
>
> What I'd like is for 'finished', if settings are 'require', to
> initiate key exchange and then send the message.  As I see it, not
> having key state, and knowing that key state was discarded are more or
> less the same, and this doesn't harm the main point of finished which
> is to avoid sending cleartext messages that the user expected to be
> protected.  Is this reasonable?

I have thought about these things as well. The issue is a bit more complex,
due to multiple logins. I am not sure why we don't go to a finished state
ourselves when the other end enters that state. If we are setup as "require"
then no plaintext messages will ever be sent, and an OTR negotiation is
triggered.

What I'm concerned about is that certain messages can trigger a new
negotiation, undoing the finished state.

btw. the point of finished is to ensure that if that user logins from
a new location, he doesn't get unreadable messages. And that is also
related to the oldest oustanding otr bug, the "negotiation storm" that
seems to happen sometimes when one user has been idle for a long time,
and perhaps logged in from somewhere else and did some otr.

Paul



More information about the OTR-dev mailing list