[OTR-dev] Multiple accounts

Kurt Roeckx kurt at roeckx.be
Sun Jun 30 18:51:01 EDT 2013


It seems all the client I've look at generate a key per account
that I have.  Is this intentional?  Why?

I would expect that if I talk to what I believe is the same
person, even if it's an other protocol that I'm using to talk,
that that person would use the same key and that I didn't have
to authenticate the person anymore.  The same of course works
in both ways.  If the same key is used, I can actually be sure
that I'm talking to the same person.

The only good reason I can see to have a different key is that
you don't want people to know that it's the same person.

A related issue seems to be that none of the clients I've
used seem to have a way to import or export keys.  They all seem
to be using their own way to store things, and don't even seem
to have an option to protect it with a password.

So it basicly means if I have 2 applications or 2 devices,
I even and up with 2 keys for the same protocols, which to me
makes little sense.


More information about the OTR-dev mailing list