[OTR-dev] OTR Encrypted File Transfer, Spec Draft
Max
govnototalitarizm at gmail.com
Thu Jun 6 05:05:58 EDT 2013
06.06.2013 07:32, Jacob Appelbaum пишет:
> Hans-Christoph Steiner:
>> Nadim Kobeissi
>>>
>>> Hi everyone,
>>> We've been working on the first implementation of OTR file transfer, using
>>> the extra symmetric keys afforded in the latest update to the OTR
>>> specification.
>>>
>>> We've come up with a spec draft, you should check it out!
>>> https://github.com/cryptocat/cryptocat/wiki/OTR-Encrypted-File-Transfer-Specification
>>>
>>> Thanks,
>>> NK
>>
>> Glad to see progress on this. We're currently debating whether to start with
>> this spec, or develop a file transfer method that is in the OTR band rather
>> than in the XMPP band like XEP-0047. Being in the OTR band seems like it
>> would provide extra benefits of hiding more meta data, like the fact that a
>> file is being transferred, the rough size of the file, etc.
>>
>
> This was done as a GSoC project once, long ago, I believe.
Not quite - the transfer was performed in-band and only for smaller files: those
which will fit into single TLV message. Also code quality wasn't good enough to be
merged into mainline.
>
>> Having the file transfer happen in the OTR band could provide a fully hidden
>> file transfer method by combining things like randomized padding and packet
>> size quantization, as well as slaving transfer timing to actual messaging
>> patterns or other such ways of hiding the file transfer timing.
>>
>
Even if we opt-in for oob transfer for larger files I still think that we should send
small files in-band.
cheers,
Max.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20130606/6ce03c70/attachment.pgp>
More information about the OTR-dev
mailing list