[OTR-users] some questions

Ian Goldberg ian at cypherpunks.ca
Fri Dec 29 22:56:49 EST 2006


On Fri, Dec 29, 2006 at 06:04:48PM -0700, Chad Perrin wrote:
> On Fri, Dec 29, 2006 at 07:47:54PM -0500, Ian Goldberg wrote:
> > 
> > We want lots of people to use it.  In the best case, they shouldn't even
> > necessarily be *aware* they're using it (as in Adium X).
> 
> That seems sorta improbable.  How do you verify a key without knowing
> you're using it?

You don't.  But even if they don't verify the key, they're not worse off
than if they don't use OTR at all.  That's the benefit of opportunistic
encryption; if you don't know it's there, you're still no worse off than
if it wasn't there, and you're better off against at least passive
adversaries.

   - Ian



More information about the OTR-users mailing list