[OTR-dev] [OTR-users] otr dh key encryption
Gregory Maxwell
gmaxwell at gmail.com
Tue Feb 19 06:02:55 EST 2013
On Mon, Feb 18, 2013 at 11:58 PM, Alex <alex323 at gmail.com> wrote:
> I never understood how the denyability aspect of OTR actually works. If
> you have a conversation with a "friend" who recently became an
> informant, how would OTR provide more denyability than an unencrypted,
> unsigned conversation?
It doesn't provide _more_ it avoids providing _less_. If you sign your
messages then you can't question the reliability of the informant,
you'd have to then argue that your computer was compromised. Resulting
in own words testifying against you in a very concrete way.
It's not much of a practical problem today— people haven't realized
what non-repudiation does for them... hopefully it won't ever be one
because people will use things like OTR and only use non-reputable
systems where they intend to...
More information about the OTR-dev
mailing list