[OTR-users] otr support in gajim?
Ian Goldberg
ian at cypherpunks.ca
Thu Nov 13 12:00:13 EST 2008
On Thu, Nov 13, 2008 at 01:25:23PM +0100, Jonathan Schleifer wrote:
> Am 13.11.2008 um 08:32 schrieb Paul Wouters:
>
>> A quick check shows that XEY 0116 assumes public key cryptography, so
>> some
>> kind of out of bound public key verification.
>
> Nope, it can be checked in-bound via SAS.
SAS can't be checked in-band; a MITM could just substitute the in-band
values.
>> That's quite different from
>> OTR, which has no prerequisites other then agreeing on a shared secret
>> at
>> a party.
>
> That's exactly how SAS works.
Not quite; OTR allows a prearranged shared secret (of your choice) to be
used to authenticate your buddy. With SAS, you have to first generate
your keys, then exchange the 5-character short random strings.
>> OTR also supports Opportunistic Encryption, eg start crypto without
>> any identification, so protect against passive attacks.
>
> That's not needed in the XMPP world! No need for ugly hacks to show your
> support, you can just put it in the capabilities list! And if it's there,
> it's negotiated automatically, like in Gajim.
This is true.
> But unfortunately, ESessions are dead, because other client developers
> refuse to implement it. They complain it is too complex and others
> complain that there is - just like for OTR - no cryptanalysis.
Hmm? There have been formal analyses of the security of the OTR
protocol. Is there something in particular you'd like to see that's
missing?
- Ian
More information about the OTR-users
mailing list