[OTR-users] PGP integration?
gdt at ir.bbn.com
Fri Sep 28 09:32:14 EDT 2012
Ian Goldberg <ian at cypherpunks.ca> writes:
> On Fri, Sep 28, 2012 at 02:19:22AM +0100, Ximin Luo wrote:
>> Hi, are there any plans to integrate OTR keys with PGP? (c.f. how
>> monkeysphere integrates SSH keys with PGP).
>> It's good that crypto products don't also try to provide a PKI and
>> reimplement the wheel, but then they should actually *use* existing
>> ones to fill this gap!
> This comes up on the list now and again. ;-)
> One big problem is that there's no way to bind the PGP key for
> "bob at example.com" to the AIM ID "angrybob". Many people already do sign
Sure, but that's not the hard part. When talking to foo at j.example.com,
I often know that I'm trying to talk to foo at example2.org. having the
FP signed by another key, and clicking yes to 'do you want to allow
foo at example2.org to sign for foo at j.example.com' uould be great.
> their OTR keys with their PGP keys, so if you (the person, not your
> software) knows that bob at example.com is the same person as angrybob, you
> can tell your OTR client that you've verified the keys. But there's not
> a good way to do this automatically.
People could also put a jid in a uid field in a key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 194 bytes
Desc: not available
More information about the OTR-users