[OTR-dev] OTR with Jabber/XMPP
Timo Engel
timo-e at freenet.de
Sat Feb 2 09:47:43 EST 2008
On 01-Feb-2008 Ian Goldberg wrote:
> On Mon, Jan 28, 2008 at 06:53:39PM +0100, Timo Engel wrote:
>> [...]
>> The contents of [EncryptedBody] and [EncryptedHTML] are the same. After
>> decrypting the message, there is HTML code in the body-element. This is not
>> a
>> valid XMPP message and is problematic if the client doesn't use HTML.
>>
>> The encrypted HTML code is not XML compliant. After decrypting the message
>> it
>> could not be parsed from an XML parser. This is really annoying, because the
>> client can't display the message.
>
> This has been discussed before. The ciphertext is valid XML, since the
> ciphertext itself contains no markup. When the user-agent decrypts the
> OTR ciphertext to get plaintext, it may have markup, because the OTR
> specification says it can. If the user-agent doesn't understand markup,
> the OTR plugin for that user-agent is responsible for removing it.
It should not be task of the receiving plugin to remove HTML tags. For that
reason a XMPP messages has a body-element where html content is not allowed and
the optional html-element with XHTML markup.
The markup should be valid XHTML. This is not the case if gaim is used with the
otr-plugin. Without the plugin, the messages from gaim are valid. Perhaps this
is a problem of the plugin-interface of gaim.
More information about the OTR-dev
mailing list