[OTR-dev] Thinking about mpOTR and secure multiparty chat protocols in general

Gregory Maxwell gmaxwell at gmail.com
Thu Feb 21 16:37:13 EST 2013


On Thu, Feb 21, 2013 at 10:30 AM, George Kadianakis
<desnacked at riseup.net> wrote:
>   I know that some people here like the deniability property of mpOTR
>   a lot, but personally I would be very happy with a multiparty chat
>   protocol with end-to-end confidentiality, authentication and PFS,
>   even if it didn't provide deniability in its first version.

I don't think it is as much a question of like as much as I think
there are _ethical_ problems of creating a protocol for chat which is
non-repudiable by default and promoting it to people who are trying to
increase their confidentiality because it may well decrease it.

I think it would be superior to compromise on authentication (e.g.
make it so if a chat participant is also the server operator he could
forge messages as appearing to be from other chat participants) than
to subject people to non-repudiation that they likely will not
understand, do not want, and would not expect.



More information about the OTR-dev mailing list