[OTR-users] some questions
Chad Perrin
perrin at apotheon.com
Sat Dec 30 03:16:55 EST 2006
On Fri, Dec 29, 2006 at 10:56:49PM -0500, Ian Goldberg wrote:
> On Fri, Dec 29, 2006 at 06:04:48PM -0700, Chad Perrin wrote:
> > On Fri, Dec 29, 2006 at 07:47:54PM -0500, Ian Goldberg wrote:
> > >
> > > We want lots of people to use it. In the best case, they shouldn't even
> > > necessarily be *aware* they're using it (as in Adium X).
> >
> > That seems sorta improbable. How do you verify a key without knowing
> > you're using it?
>
> You don't. But even if they don't verify the key, they're not worse off
> than if they don't use OTR at all. That's the benefit of opportunistic
> encryption; if you don't know it's there, you're still no worse off than
> if it wasn't there, and you're better off against at least passive
> adversaries.
Well . . . yeah, you have a point, there. I tend to try to get verified
with everyone*, though. I'm sure I'm no more paranoid than most of the
rest of the people on this list, regardless.
* Everyone that uses Gaim-OTR, that is.
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
print substr("Just another Perl hacker", 0, -2);
More information about the OTR-users
mailing list