[OTR-users] New gaim-otr and otrproxy ready for beta testing

Ian Goldberg ian at cypherpunks.ca
Mon Oct 17 17:49:55 EDT 2005


On Mon, Oct 17, 2005 at 02:22:19PM -0700, CLAY SHENTRUP wrote:
> Ian,
> 
> I think it's interesting, perhaps unusual, that you chose to have the
> plug-in kept track of verification state. I envisioned that as something
> you'd check before accepting the fingerprint in the first place. You'd call
> the person, or use some trustworthy second channel, to get a fingerprint of
> his long-term key. When using OTR with someone for the first time, you would
> see a "popup" (this could just be text in the channel window) that would ask
> you to accept the fingerprint. You wouldn't select "yes" until you had
> verified it. I'm not sure why the new plug-in readily allows the user to
> start the session knowing that the other party's fingerprint has not been
> verified.

Because, mainly, that's not how it works in practice.  [That's how the
plugin used to behave.]  People generally just click to dismiss the
dialog box, usually without even reading it.  This way, they're free to
do that, and the plugin will just note that they haven't explicitly
checked the fingerprints yet.  When/if they actually *do* phone up their
friend, they can right-click on the OTR button and choose "Verify
fingerprint".  At that point, their icon will change to "Private".

There are also a couple of technical issues.  One is that the old way, if
Alice accepts Bob's fingerprint, and sends a message, but Bob hasn't yet
accepted Alice's fingerprint, they'll get all sorts of errors.  Another
is that allowing you to verify a fingerprint *after* the session is
established allows more flexibility in the choice of how to actually
verify it.  One thing we want to do in the future is allow for
"preshared secrets".  You convince your friend (while you're out in a
bar) to install OTR when she gets home, and scrawl some random secret on
a napkin.  After she installs OTR (and generates her fingerprint),
you'll be able to authenticate each other by each typing the secret into
your client.

> I also don't know what you mean by "finished". If a session has expired, the
> lock should just be unlocked, right? I'm still not sure why you're not just
> using locked and unlocked, two icons only.

"Finished" indicates that your buddy has terminated his end of the
private conversation (and let you know that).  It's now pointless to
send him encrypted messages, and you *don't* want to automatically
switch to sending plaintext messages (imagine you were in the middle of
typing something private when this happened, just before you hit
"Enter").  So we instead switch to this mode which blocks all outgoing
messages to this buddy, until you choose to either explicitly go
plaintext, or else restart the private conversation.

> P.S. I figured you were teaching at UC, since the original /. article called
> you "UC cryptographers" or something like that.

Yeah, we used to be (students) at UC, but not any more.

   - Ian
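
A minimal model of the conversation states described in this message, written as an added example (it is not gaim-otr's code): verification can happen after the session is up, and "Finished" blocks outgoing messages until the user chooses explicitly. The state names other than "Private" and "Finished", and all class and method names, are assumptions made for illustration.

```python
from enum import Enum

class State(Enum):
    PLAINTEXT = "plaintext"    # no private conversation (assumed name)
    UNVERIFIED = "unverified"  # encrypted, fingerprint not yet checked (assumed name)
    PRIVATE = "private"        # encrypted, fingerprint explicitly verified
    FINISHED = "finished"      # buddy has ended his side of the conversation

class Conversation:
    def __init__(self):
        self.state = State.PLAINTEXT
        self.verified = False  # set only by an explicit user action
        self.blocked = []      # messages held back while FINISHED

    def session_established(self):
        # No dialog gates the session; the state records whether the
        # fingerprint has been checked yet.
        self.state = State.PRIVATE if self.verified else State.UNVERIFIED

    def verify_fingerprint(self):
        # May happen long after the session started (phone call, etc.).
        self.verified = True
        if self.state is State.UNVERIFIED:
            self.state = State.PRIVATE

    def peer_finished(self):
        # The buddy terminated his end: never fall back to plaintext silently.
        if self.state in (State.UNVERIFIED, State.PRIVATE):
            self.state = State.FINISHED

    def go_plaintext(self):
        # Explicit user choice to leave the private conversation.
        self.state = State.PLAINTEXT

    def send(self, text):
        # Returns how the message would leave the client.
        if self.state is State.FINISHED:
            self.blocked.append(text)  # nothing goes on the wire
            return ("blocked", text)
        if self.state is State.PLAINTEXT:
            return ("plaintext", text)
        return ("encrypted", text)
```

Restarting the private conversation from "Finished" is modelled by calling `session_established()` again; the earlier verification is remembered, so the state returns directly to "Private".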


