[OTR-users] Re: [OTR-announce] gaim-otr-0.9.9rc1 online
Ian Goldberg
ian at cypherpunks.ca
Thu Dec 9 07:06:55 EST 2004
[Can people also please look over the README and Protocol documents and
suggest things that need fixing/clarifying?]
On Thu, Dec 09, 2004 at 02:30:45AM +0100, Paul Wouters wrote:
> >- We now send heartbeats (OTR Data Messages with an empty message part)
> > once a minute, to anyone we're confident is still online. If both
> > sides are doing this, then keys get rotated regularly, even if one
> > or both sides aren't actively typing. This aids perfect forward
> > secrecy.
>
> Why would you need to rotate the key if you do not send messages? Isn't
> this just protecting against the last message being able to be read by one
> compromised computer, assuming gaim is still running and a memory dump is
> made? Or is this happening when one user sends plenty of messages and the
> other doesn't send anything back?
>
> I don't understand why the heartbeat is needed.
It's indeed that last bit: the perfect forward secrecy window (say, for
a message from Alice to Bob) lasts until Alice receives the next message
from Bob, and then Bob receives another one back from Alice.
If only one party is actually saying anything, then this window never
closes, and the encryption keys for really old messages are still in
active use.
Using the "heartbeats", the windows close in a mamimum of two minutes
(in the absence of an active attacker DOSing the heartbeats).
It's just an optimization; except for the size of the windows, nothing
should change if the heartbeats are or aren't sent.
> Oh, and you should set the reply-to: in mailman of the otr-announce list
> to otr-users. And make sure listmembers cannot see the list of members
> in mailman for all three lists.
Done.
- Ian
More information about the OTR-users
mailing list