[OTR-users] OTR and multiple locations
Ian Goldberg
ian at cypherpunks.ca
Tue Jun 3 08:48:30 EDT 2008
On Mon, Jun 02, 2008 at 07:20:46PM +0200, Jonathan Schleifer wrote:
> Alexander Buchner <alexander.buchner at gmx.de> wrote:
>
> > Couldn't he just use the same key at both places?
>
> No, because OTR is a state machine. The other client wouldn't expect
> encrypted data.
Not to mention that the "shared key" would only be a shared
authentication key. For security and privacy reasons, encryption keys
are extremely short-lived, and never stored on disk at all, let alone
shared.
This all having been said, the "multiple logins" problem is one that's
been bothering us for a really long time, and I'm happy to say that
we've now got someone working on fixing exactly that issue. It won't be
in the (imminent) 3.2.0 release, but will almost certainly be in v4.
- Ian
More information about the OTR-users
mailing list