[OTR-dev] Using libotr
Chris Ballinger
chrisballinger at gmail.com
Tue Mar 11 13:17:16 EDT 2014
If you are implementing OTR file transfers, there is an OTRv2-compatible
spec called OTRDATA that uses in-band TLVs:
https://dev.guardianproject.info/projects/gibberbot/wiki/OTRDATA_Specifications
On Mon, Mar 10, 2014 at 6:14 PM, Alex Burzyński <alex.burzynski at gmail.com>wrote:
> Hi,
>
> I've asked those questions on #otr, but was pointed here to get the
> answers.
>
> Symmetric key:
> I wasn't sure what "int use" is for (in otrl_message_symkey) but thanks to
> DrWhax++ I think I understand it more now - just need to revalidate:
> - so use isn't defined as such yet
> - there is the notion of using use=1 as file transfer
> - and the reason for having the symkey at all is that both parties could
> encrypt/decrypt the messages sent outside of OTR messages, but agree on the
> key within the OTR conversation
>
> is that correct?
>
> gone_secure callback
> why gone_secure is executed on Alice's side before Bob receives SIGNATURE
> message?
> if Bob starts AKE, then gone_secure is called when Alice receives Bob's
> signature
> so in practise if Alice upon gone_secure tries to write to Bob, Bob gets
> RCVDMSG_NOT_IN_PRIVATE - which is correct as the AKE is not finalised yet
>
> so how/when would Alice know that she can now send message to Bob?
>
> Fragmentation policy
> I don't fully understand the how
> OTRL_FRAGMENT_SEND_ALL_(BUT_FIRST|BUT_LAST) work, where those fragments are
> stored and why?
> how my use of otrl_message_sending/receiving() should change depending on
> OtrlFragmentPolicy?
>
> Ending conversation
> As someone already noticed on the list gone_insecure isn't called in
> current code, pidgin-otr detects that the other side ended conversation by
> checking TLV of incoming message.
>
> otrl_message_disconnect() works fine, but I've noticed that pidgin-otr
> doesn't seem to send anything when the user decides to End private
> converstation (based on XMPP console), does it depend on the current
> context?
> (Some background: I'm testing my code by communicating to piding-otr)
>
> Resending messages
> that may be more about user-experience, but the Protocol page mentions
> "recent stored message" - does it refer to auth.lastauthmsg? Should I queue
> messages for resending in the app until the communication is private?
>
> Thanks,
> Alex
>
>
> _______________________________________________
> OTR-dev mailing list
> OTR-dev at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20140311/33b2726f/attachment.html>
More information about the OTR-dev
mailing list