[OTR-dev] otr dh key encryption
Kjell Braden
kb at pentabarf.de
Tue Feb 19 05:36:36 EST 2013
On 2013-02-19 05:51, Ileana wrote:
> Any other comments or additional details are appreciated.
In your blog post you mention OTR does DH on the 1536bit prime group.
It looks like you swapped it in the comparison table.
Same goes for the Proof of Communication.
Also, you confuse two different concepts of authentication:
Every OTR session uses cryptographic authentication. If you previously
marked a key as trusted (ie. you know it belongs to the reported owner),
OTR will flag it as trusted again if you come back later to the same DSA
key.
Claiming that torchat had automatic authentication while OTR used
manual authentication is misleading, because the same manual
authentication appears in torchat by exchanging the hidden service
address (see Gregory's post).
--
Kjell
More information about the OTR-dev
mailing list