[OTR-users] What we can expect in future? / file transfer via OTR?

Ian Goldberg ian at cypherpunks.ca
Mon Nov 26 18:23:17 EST 2007


On Mon, Nov 26, 2007 at 10:42:27AM -0500, Gregory Maxwell wrote:
> On Nov 26, 2007 10:24 AM, Michael Reichenbach
> <michael_reichenbach at freenet.de> wrote:
> [snip]
> > Imho OTR is a protocol and it's in final version and no good idea to
> > change it because many clients implement it.

In fact, it was built for extensibility, so adding a feature like this
wouldn't break anything.

> It may be possible for OTR to help offer encrypted file transfer with
> very little change to the protocol.   Simply provide an interface in
> OTR for OTR to send an empty message then return the encryption key
> and mac key used for that message.  The client would then encrypt the
> file using those keys and send the file through the normal file
> transfer means. The remote client could use the same keys.
> 
> Some work would need to be included to defer the release of that mac
> key until the file was received... but we're not talking a complete
> protocol overhaul.

Indeed, adding a new TLV type which basically says "expect a file
transfer with this specified transfer cookie, to be encrypted and MACd
with keys derived from this message's encryption key" should be
sufficient.

> Generally the ability for OTR to act as a person to person key
> producer would be pretty useful.  Especially now that it offers the
> secure millionaire based real-time authentication, which is a feature
> not offered by anything else.
> 
> Sending files as in-band OTR messages, as was suggested, is pretty
> much a non-starter: most IM systems rate limit messages.

For sure.

   - Ian
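
The TLV announcement described in the message above, sketched as an added example that is not part of the original post or of libotr. The TLV type number, the 16-byte cookie, the HMAC-SHA256 key derivation and all function names are assumptions made for illustration; only the 2-byte type / 2-byte length TLV framing comes from the OTR protocol.

```python
import hashlib, hmac, struct

TLV_FILE_TRANSFER = 0xFF01  # hypothetical type number, not assigned by the OTR spec
COOKIE_LEN = 16             # assumed fixed cookie size, keeps MAC input unambiguous

def build_tlv(tlv_type, value):
    # OTR TLV record: 2-byte type, 2-byte length, then the value (big-endian).
    return struct.pack(">HH", tlv_type, len(value)) + value

def parse_tlvs(data):
    # Walk the TLV area of a decrypted OTR message, rejecting truncated records.
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack_from(">HH", data, off)
        off += 4
        if len(data) - off < length:
            raise ValueError("truncated TLV value")
        records.append((tlv_type, data[off:off + length]))
        off += length
    return records

def derive_file_keys(msg_enc_key, cookie):
    # Assumed derivation: separate labels give independent file keys, and
    # binding the cookie ties the keys to one announced transfer.
    enc_key = hmac.new(msg_enc_key, b"file-enc" + cookie, hashlib.sha256).digest()
    mac_key = hmac.new(msg_enc_key, b"file-mac" + cookie, hashlib.sha256).digest()
    return enc_key, mac_key

def tag_file(mac_key, cookie, ciphertext):
    # MAC over cookie || ciphertext (encrypt-then-MAC on the out-of-band file).
    return hmac.new(mac_key, cookie + ciphertext, hashlib.sha256).digest()

def receive_file(msg_enc_key, tlv_bytes, cookie, ciphertext, tag):
    # Accept a file only if its cookie was announced inside the authenticated
    # OTR message and the MAC verifies under the derived key.
    if len(cookie) != COOKIE_LEN:
        return False
    announced = [v for t, v in parse_tlvs(tlv_bytes) if t == TLV_FILE_TRANSFER]
    if cookie not in announced:
        return False
    _, mac_key = derive_file_keys(msg_enc_key, cookie)
    expected = tag_file(mac_key, cookie, ciphertext)
    return hmac.compare_digest(tag, expected)
```

In the scheme discussed in the thread, the file body would also be encrypted under `enc_key`, and the sender would defer releasing the MAC key until the file has been received.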


