[OTR-users] Does OTR cache authentication questions?
Ian Goldberg
ian at cypherpunks.ca
Tue Sep 10 08:24:37 EDT 2013
On Tue, Sep 10, 2013 at 01:24:08PM +0200, Pete Stephenson wrote:
> On Tue, Sep 10, 2013 at 12:54 PM, Lachezar Dobrev <l.dobrev at gmail.com> wrote:
> > Are you by any chance using Google Talk (now Hangouts)?
>
> Indeed I am. We're both using Google Talk and XMPP.
>
> I apologize for not mentioning that earlier.
>
> > AFAIK OTR uses the IM's communication channel to send and receive
> > peer authentication in specially formatted messages.
> > With the recent changes in Google Talk I've had numerous occasions
> > where messages I sent to my contacts got stalled, and not resent until
> > my peers started using different client/device, sometimes with a week
> > of delay. That might be an underlying cause of your problem.
>
> Interesting. That sounds precisely like what's going on. It sounds
> like this is an issue with Google Talk and not OTR. My apologies for
> the noise.
>
> Do OTR messages include a timestamp? I was thinking that it might be
> good for OTR to silently drop authentication requests that arrive
> after a sufficiently-long delay (e.g. >1 week) rather than attempt to
> interpret them.
>
> Thanks for the prompt response.
I would normally expect the session keys to have changed by then, and so
the (long-delayed) message should have become unreadable by your buddy?
Or is it the case that right after you originally sent the auth
request, you stopped chatting for a week (but kept your IM clients
open)? Was this with pidgin-otr 4 on both sides?
Thanks,
- Ian
More information about the OTR-users
mailing list