[OTR-dev] OTR version 4 Draft #2

[Nik Unger]

On 05/11/2018 10:49 AM, Carsten Mattner wrote:
> On 5/11/18, Ola Bini <list at olabini.se> wrote:
> 
>> Personally, I'm strongly against adding group chat to the core
>> protocol - I think if and when a good group chat proposal exists, it
>> should be separate. It would add too much complexity, in my point of
>> view.
> 
> Group chat has still not been solved in a safe way, so I'd stay clear
> of it, as well.

I would also recommend against anticipating group chat support in the
libotr-ng API. The current cryptographic protocols for secure group chat
have many problems. Nonetheless, based on our current work and my read
on the progress of other efforts, it is reasonable to expect one or more
good solutions with a common API to appear within the next year.

However, our current understanding is that it is not possible to create
a simultaneously non-interactive (i.e., suitable for text messaging),
authenticated, and deniable group messaging protocol with our current
tools. This means that the hypothetical group chat version of libotr-ng
(libotr-ng-ng?) will need a significantly different API: either it will
need to drop the new non-interactivity support in OTRv4 (dramatically
limiting the applications), or deniability (and at that point, why
should it be called "off-the-record"?).

In either case, designing the current API to anticipate one of these
compromises would almost certainly be a mistake for these reasons and
also the aforementioned complexity issue. Getting OTRv4 out the door and
into users' hands soon is far more important.

~Nik