[OTR-users] Pidgin-OTR Logging Behaviour
Greg Troxel
gdt at ir.bbn.com
Wed Feb 1 11:20:09 EST 2012
This is a tough situation, because using OTR can be about
everything on the net, and especially everything handled by $ISP ought
to be encrypted, but I'm not super paranoid
privacy really is important, and putting bits on disk is a major
security risk
So I'd say:
definitely have OTR put out a notice that the conversation is being
logged *every time*, if logging is on
I would default to not logging OTR, and make people change it.
it would be cool if there is some way (I know not enforceable) for an
OTR peer to assert that it is or isn't logging, and to warn the user
if the remote side is logging and they aren't. Or perhaps if one
disables logging to have that flow across and disable. Again, I
realize people can code around this, or cut/paste, etc. But it would
set social expectations.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-users/attachments/20120201/9f823507/attachment.pgp>
More information about the OTR-users
mailing list