[OTR-dev] EMPP - What can XMPP benefit from the new Echo Chat Protocol?

Randolph D. rdohm321 at gmail.com
Sun Jul 28 02:59:40 EDT 2013


2013/7/27 Randolph D. <rdohm321 at gmail.com>

> Hi, OTR uses only over Server encryption, right? would it be possible to
> extend it to send the encryption over several servers?
>
> ---------- Forwarded message ----------
> Subject: EMPP - What can XMPP benefit from the new Echo Chat Protocol?
> To: juser at jabber.org
> GoldBug.sf.net - Secure Instant Messenger 0.1 is out with Multi-Encryption
> https://sourceforge.net/projects/goldbug/?source=navbar
>
> based on the new Echo Protocol.
>
> I wounder what XMPP Clients and especially Servers - and of course
> developers - can benefit from it ?
>
> Can someone set up an EMPP Server so that we can exchange keys and chat?
>
> Regards Randolph
>
>

2013/7/28 Randolph D. <rdohm321 at gmail.com>

> Hi Ian,
> as normal tester of the release I am not able to provide you with a
> documentation of the protocol. there seems to be much Information and
> comments in the code. Well, think to send the Echo over OTR is a quite good
> initiative: Adding the libspoton kernel to OTR has the following pro's:
> - it adds another encryption layer to OTR
> - it offers a unique GUI api to every OTR
> - Strategey: OTR becomes not a encryption Service, but a Messenger itself:
> you can still send the Message from Google-to-Google user line, but with
> the OTR-KERNEL Hybridity, you also can use any other line like  AOL - AOL
> or OTR to OTR.
> All Messenger protocols and accounts will become just an IP address, not a
> Login for a dedicated account or line. That means this hybrid tool would
> override all IM-Networks/Accounts and dedicated surveillance for these
> accounts and lines, as the message can "travel" several connections. inside
> AOL to AOL , but also any other connection.
>
> 2013/7/28 Ian Goldberg <ian at cypherpunks.ca>
>

So what I will research next week is that plausibel deniability is not
broken, but confirmed, when GoldBug Messages are sent pver OTR. I think it
strengthen the deniability and makes it even stronger, not weaker.
It should be indifferent, if I send plaintext over OTR or cihpertext over
OTR - that Multi encryption would even make the encryption better. As well
the Option to Chose a different route than the AOL to AOL account line
would bring more complexity and thus surveilance freedom with OTR, when it
adds the libspoton kernel of the GoldBug Messenger.
But I understand these things just as research questions, not as a
development idea for OTR or any Messenger.

Kind Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20130728/fa3e769d/attachment.html>


More information about the OTR-dev mailing list