[OTR-dev] Multiple accounts

Kurt Roeckx kurt at roeckx.be
Tue Jul 2 10:19:00 EDT 2013


On Tue, Jul 02, 2013 at 03:48:26PM +0200, Jonas Wielicki wrote:
> On 02.07.2013 15:35, Kurt Roeckx wrote:
> > I seem to be more and more going to a PGP model, and have
> > to wonder if it's possible to use my GPG key for OTR.
> 
> Honestly I think that the absence of many of the PGP features is the
> strength of OTR. OTR is so incredibly easy and, in my opinion, the only
> current example of strong crypto done right (from the user experience
> perspective).
> 
> Adding complications such as key sync, key management, revocation etc.
> is not what I consider useful for the general case.

I don't get why you think this isn't useful to have.  I have a
feeling that you think that since you have PFS that revocation
isn't useful.  But I said that key belongs to that person
(like signing a key in pgp), and so will keep trusting that that
key belongs to that person, unless I somehow know that that
key shouldn't be trusted anymore.

I think the UI is OTRs strenght, but I think you can
do this all with PGP without complicating things for
the user.  I think at least the freedombox people are
looking in doing simular things.


Kurt




More information about the OTR-dev mailing list