[OTR-users] new user, comments on authentication

Michael Reichenbach michael_reichenbach at freenet.de
Thu Nov 29 02:57:32 EST 2007


1) Well, if the shared secret is weak against MITM (because of DH), then 
you should drop it.

2) I think OTR is about chatting securely with friends. In this case there 
can be no trusted third party like a web of trust. With a web of trust 
there is always the risk these days that some authority uses legal power 
to compromise that system.

A web of trust can only be useful in commercial use (like SSL for 
communicating with a bank. A web of trust has a point in this situation, 
but can be broken by an authority with power over the web of trust, or 
even more simply the bank).

3) As long as checking the fingerprint is secure (even if there is an 
active MITM from the beginning, from the first time, for all time), I am happy.

4) This fingerprint needs to be checked either over a pre-secure channel 
or in a real-life meeting. While saying "pre-secure" channel we are also 
back at complicated encryption and PGP.

The phone is not that good for checking a fingerprint (OK, a synthetic-voice 
attack is only possible in very few cases these days, but it's no really secure 
solution).

I wish there were an easier solution, but I am afraid there isn't.

5) The OTR team did their job. Secure encryption between friends always 
needs confirmation of something (fingerprint or public key) within a meeting 
in real life. Only if you suspect there are no logs / MITM for the first 
communication, then DH and trusting the fingerprint without 
checking it might also work, but this is much less secure because you had 
better not suspect that.
