[OTR-dev] Question: Is OTR end to end encrypting ?
Randolph
rdohm321 at gmail.com
Mon Mar 3 08:19:29 EST 2014
Hello
one simple question about OTR, when I use OTR, then encryption is done
between user and user or client and server?
So is the way: UserclientA->Server1->Server2->userclientB is secured end to
end?
OTR means D/H Exchange, what about the possible human beeing in the midde
attack, that server 2 is sending back a faked key and pretends to be
userclientB ?
Plans OTR to implement an end to end key, that is sent over an otr
connections, so that asymmetric encryption can be switched to symmetric
encryption?
That way even clients could participate, which have not otr implemented (by
giving the end to end key over seperate channel, not otr)
Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20140303/4dafc5df/attachment.html>
More information about the OTR-dev
mailing list