[OTR-dev] Pre-keying via OTR or XMPP

[Nathan of Guardian]

I was thinking about how to pre-key'ing work designed by OWS
(https://whispersystems.org/blog/asynchronous-security/) could be
implemented in a more generic way, that would not be tied to a specific
server or app.

Would it be possible using either an XMPP file transfer mechanism, or
something like our OTRDATA protocol, to send a number of pre-keys to a
contact, say at the time of an existing chat? Would this require
modification of existing OTR implementation, or could the pre-keys be
injected into the existing logic?

Here is my proposed flow:

1) You select a set of favorite contacts which you are likely to have
OTR encrypted chats with.

2) You see them online, and your client has a flag which indicates you
have not yet setup a pre-key cache with them.

3) You send them pre-keys using one of two mechanisms:

3a) You establish an XMPP file transfer (in band ideally) session, and
send a bundle of pre-key bytes to the client, which stores them in
association with your JID.

3b) Your establish an OTR session with them, not to send a message, but
to use OTRDATA or a future OTR protocol method, to exchange a cache of
pre-keys. There is no user interaction in this process.

4) The next time you want to send a message to the user, and they are
offline, you use the pre-key cache to establish an OTR session, and send
the message to the server.

This is all assuming you have an XMPP server that supports the necessary
XEP's for offline messages, such as XEP-0160
(http://xmpp.org/extensions/xep-0160.html). We are also interested in
having this work for transports like Bonjour/Zeroconf, Bluetooth and
others, and so it would be ideal to do the work at the OTR layer.

Thanks for the feedback, and obviously, gratitude as always for Moxie
and co's blazing their own unique path on this.

+n