[OTR-users] Failure to initiate private conversation

Ian Goldberg ian at cypherpunks.ca
Tue Mar 17 12:42:40 EDT 2015


On Tue, Mar 17, 2015 at 04:55:13PM +0100, Paul Gouin wrote:
> Never mind, problem solved.
> 
> Just for testing, I set up a second Jabber account on my own machine, and
> tried private messaging between both. That worked, and then a message
> popped up on my colleague's screen asking him to authenticate my passed
> attempts.
> 
> Not sure why or how things clicked into place just then.

I have one possible theory:

Suppose Alice (i.e. Paul) is logged in from desktop and mobile at the
same time.  The mobile client does *not* support OTR.

[Note that this means the "traditional" problems when Alice is logged in
more than once with OTRv2 clients will not occur, since only one
instance of Alice speaks OTR.]

Bob is logged in once.

They then try to start OTR.  Alice's OTR client sends its protocol
messages to Bob.  Bob's client sends its messages to Alice, but for some
reason, those messages were directed by the XMPP network to Alice's
*mobile* device instead of her OTR device.  This might happen if either
Bob's client specified no resource and the network decided that Alice's
mobile was the right one to send it so, or if Bob's client explicitly
specified Alice's mobile resource for some reason.  Then the gibberish
protocol messages would show up on Alice's mobile device, but Alice's
OTR client didn't get them, so the communication stalled.

Then Alice starts a side conversation.  The XMPP network notices that
Alice's desktop is the active device, and starts sending messages to it,
instead of to the mobile device.  [Mumble something about either Bob or
the XMPP network itself retransmitting undelivered messages?]  Then
Alice and Bob can suddenly complete their OTR handshake.

Possible?  Replicable?

   - Ian


More information about the OTR-users mailing list