[OTR-dev] Last-minute change to libotr 4 API
Ian Goldberg
ian at cypherpunks.ca
Sun Aug 26 13:17:55 EDT 2012
On Sun, Aug 26, 2012 at 09:48:56AM -0700, Howard Chu wrote:
> Ian Goldberg wrote:
> > On Sat, Aug 25, 2012 at 08:54:56PM -0700, Arlo Breault wrote:
> >> If it's only the first messages, you can start the conversation with
> >> heartbeat packets so that compromising them is meaningless.
> >
> > Nice idea! But then we'd have to *require* all OTR clients to implement
> > this. Since not all OTR clients use libotr (there are a number of
> > compatible implementations now, though not yet of the new version of the
> > protocol), it seems bad to force them to change their behaviour because
> > of a wart in the API of libotr.
>
> But is this really just an API implementation issue, or is it
> fundamental to the protocol? It seems to me that if you want to
> support this multiple endpoint scenario, you have this problem no
> matter what implementation you use.
I don't think it's fundamental to the protocol. I wouldn't warrant that
every possible implementation of the OTR protocol version 3
automatically has a forward secrecy problem for the initial messages.
(For example, the proposed change to libotr would make it so that it
doesn't.)
- Ian
More information about the OTR-dev
mailing list