[OTR-dev] Last-minute change to libotr 4 API
Howard Chu
hyc at symas.com
Sun Aug 26 12:48:56 EDT 2012
Ian Goldberg wrote:
> On Sat, Aug 25, 2012 at 08:54:56PM -0700, Arlo Breault wrote:
>> If it's only the first messages, you can start the conversation with
>> heartbeat packets so that compromising them is meaningless.
>
> Nice idea! But then we'd have to *require* all OTR clients to implement
> this. Since not all OTR clients use libotr (there are a number of
> compatible implementations now, though not yet of the new version of the
> protocol), it seems bad to force them to change their behaviour because
> of a wart in the API of libotr.
But is this really just an API implementation issue, or is it fundamental to
the protocol? It seems to me that if you want to support this multiple
endpoint scenario, you have this problem no matter what implementation you use.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the OTR-dev
mailing list