[OTR-users] some questions
Ian Goldberg
ian at cypherpunks.ca
Fri Dec 29 22:56:49 EST 2006
On Fri, Dec 29, 2006 at 06:04:48PM -0700, Chad Perrin wrote:
> On Fri, Dec 29, 2006 at 07:47:54PM -0500, Ian Goldberg wrote:
> >
> > We want lots of people to use it. In the best case, they shouldn't even
> > necessarily be *aware* they're using it (as in Adium X).
>
> That seems sorta improbable. How do you verify a key without knowing
> you're using it?
You don't. But even if they don't verify the key, they're not worse off
than if they don't use OTR at all. That's the benefit of opportunistic
encryption; if you don't know it's there, you're still no worse off than
if it wasn't there, and you're better off against at least passive
adversaries.
- Ian
More information about the OTR-users
mailing list