[OTR-dev] making DATA_REQUEST and DATA_RESPONSE official TLVs (aka OTRDATA)
Hans-Christoph Steiner
hans at guardianproject.info
Fri Dec 12 04:28:36 EST 2014
Hey all,
I'm starting the process of getting our "OTRDATA" TLV as part of the OTR
protocol officially. We have it implemented in our version of otr4j as part
of ChatSecure (Android) and we use it as the basis for our rich messaging, so
voice messages, images, etc. are sent via OTRDATA. Its been working for over
a year now, and I'm now integrating it into the standard otr4j for easy
adoption for any app based on otr4j (Jitsi, Xabber, Conversations, etc.).
We chose to implement data transfer in-band for a few reasons:
* for small data transfers (e.g. voice messages, small images, etc), the
messages would be indistinguishable from standard text messages to the network
observer
* if an OTR session is established, then we are guaranteed a working,
bidirectional data transfer session, so many direct transfer methods fail
because of NAT
* other file transfer protocols for XMPP often negotiate a direct connection
between the two parties, which is a privacy leak
* OTRDATA works wherever there is OTR, so it'll work on top of many protocols
(XMPP, AIM, IRC, etc).
Here is the overview of the protocol:
https://dev.guardianproject.info/projects/gibberbot/wiki/OTRDATA_Specifications
.hc
--
PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81
More information about the OTR-dev
mailing list