[OTR-users] multi-party OTR communications? (and other OTR details)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Sep 22 11:06:54 EDT 2008
Thanks for the reply, Ian!
On Mon 2008-09-22 09:29:32 -0400, Ian Goldberg wrote:
> there are a couple of people working on just what a group version of
> OTR should look like, and what its properties should be.
Where is this discussion taking place? I'd be interested in
participating, though i don't have a ton of time to do so.
> Indeed, with the current version of OTR, if Bob keeps a copy of his
> secrets, he can prove that someone he's in cahoots with at some
> point in the past started an OTR session with Alice's client.
> (Because Alice signs a MAC over Bob's ephemeral DH key.) But anyone
> can start an OTR conversation with anyone else (quite
> intentionally). On the drawing board is a variation that will
> remove even this.
This is very interesting. Can you give a summary of how something
like this might be possible without removing the ability to be sure
that your conversation partner is who they claim to be?
While the deniability features are pretty cool from a crypto
perspective, it doesn't seem to me like they offer any *more*
deniability than the deniability you have with unencrypted/unsigned
material (e.g. the contents of a web server logs, or a traffic dump
From a router). Given that unencrypted/unsigned digital material is
regularly respected as powerful evidence in legal disputes, contract
negotiations, and journalism already, i'm not sure how much practical
gain OTR users really get from the deniability property (though if the
legal or journalistic climate *does* change, it would certainly be
advantageous).
I guess what i'm saying is that the deniability feature of OTR is not
as high a priority for me as the other features (such as IM-layer
protocol independence, remote-party authentication (including SMP),
and a clear, simple UI).
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20080922/8108e442/attachment.pgp>
More information about the OTR-users
mailing list