[OTR-dev] RFC standardisation

Ximin Luo infinity0 at gmx.com
Fri Jul 12 06:57:41 EDT 2013


On 11/07/13 01:37, Paul Wouters wrote:
> On Tue, 9 Jul 2013, Peter Saint-Andre wrote:
> 
>>> I also spoke with Paul about this about a month ago but sadly I
>>> can't make IETF since I need to be present earlier at ohm2013, I
>>> hope to work on the RFC with Paul there. Will you be there Peter?
>>
>> I will not be at ohm2013 because that appears to overlap with the IETF
>> meeting in Berlin.
> 
> I'm flying out of Berlin on Friday afternoon, land in Amsterdam at 4pm,
> and will rent a car to be at ohm for 7pm to speak at the Hugh Daniel
> memorial crypto session.
> 
> I've written most of the dane-otr draft, and will work with Peter in
> Berlin on the main OTR spec.
> 
> Paul

Cool, thanks! I will have a look at both when I get some time.

My original intention in asking about an RFC for OTR is because I wanted to
have some reference material for my intention to push forward the encoding of
OTR keys as sub-keys in a PGP key, similar to what monkeysphere does for SSH keys.

I am very interested in trying to promote a decentralised PKI and I think PGP
is the best existing candidate for that. (I expect dkg and the monkeysphere
guys are also interested in this and I will go talk to them too.) I understand
there are conceptual issues, e.g.

- it currently deals with "trust" (== belief that someone else signs
certificates correctly) in a very ad-hoc way
- people don't actually (and aren't encouraged to, by PGP docs or existing
implementations) publish trust signatures; either because they don't know about
this idea, or also there are some security arguments against it

So this is still an area that's open to research. In the last decade there has
been a lot of research on decentralised trust algorithms (albeit in the context
of interactive p2p networks; by contrast the PGP web-of-trust is
non-interactive) which could be helpful.

Not that I am opposed to dane-otr (and its counterpart for SSH keys, RFC 4255;
thanks for the info) - it's likely to be more immediately usable on a global
scale than any decentralised PKI that crops up in the near future, but I think
in the long term a hierarchical PKI (especially one tied to DNS which somewhat
monopolises who can actually run a CA) is harmful.

X

-- 
GPG: 4096R/5FBBDBCE
https://github.com/infinity0
https://bitbucket.org/infinity0
https://launchpad.net/~infinity0

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20130712/3a9338ba/attachment.pgp>


More information about the OTR-dev mailing list