[OTR-users] Re: [OTR-announce] Flaw in OTR Protocol (with workaround!)
Ian Goldberg
ian at cypherpunks.ca
Wed Aug 3 14:59:04 EDT 2005
On Wed, Aug 03, 2005 at 02:51:31PM -0400, Gregory Maxwell wrote:
> On 8/3/05, Ian Goldberg <ian at cypherpunks.ca> wrote:
> > Having fragmentation work would simplify a number of things, so I think
> > we might try again. There's still the big issue of how to determine
> > what the correct maximum packet size should be, and I don't know of a
> > good way to do that (see the above thread). Hardcoding some values
> > is a kludgy workaround. Making those values user-configurable at least
> > allows user fixes if the networks change. Any other suggestions?
>
> *IF* we figure out how to survive the ratelimiting and if we are able
> to catch rejected messages:
> Path MTU discovery.
Yes, of course. The problem is exactly that we're *not* able to catch
rejected messages, as far as I know. If you send a message that's too
large into the AIM network, it will happily accept it. At some unknown
time in the future, you *may* receive an error message that says "you
recently sent a message that was too big". Your buddy will simply
receive nothing.
And then there's the problem that gaim plugins don't even get to *see*
that error message at all, as useless as it may be.
- Ian
More information about the OTR-users
mailing list