[OTR-users] New gaim-otr and otrproxy ready for beta testing
CLAY SHENTRUP
CLAY at BROKENLADDER.COM
Mon Oct 17 22:40:04 EDT 2005
>
> I think your confusion may have been between the long-lived public DSA
> keys (from which your fingerprint is derived) vs. the short-lived public
> Diffie-Hellman keys (from which the session id is derived).
No, my confusion comes from thinking that the other party's fingerprint
played a part in the derivation of the session key, rather than playing a
part in the derivation of the signature of the session key. If it played a
part in the derivation of the key itself, then by verifying that session key
with you, your friend would be verifying (a hash of) his fingerprint. Hope
I'm making some sense here.
Clay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20051017/4822d52f/attachment.html>
More information about the OTR-users
mailing list