[Standards] OTR

Bartosz Małkowski bmalkowski at tigase.pl
Mon Dec 22 16:28:26 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I'm not sure we should start new XMPP stream covered by OTR. It depends on what we want to do. We can't hide that communication between A and B happens. Does encrypting whole stanzas is worth of complications?

Dnia 17 grudnia 2014 17:46:18 CET, Winfried Tilanus <winfried at tilanus.com> napisał(a):
>On 05-12-14 11:24, Goffi wrote:
>
>Hi,
>
>> Is there any update on this ? Actually the situation is not really
>good today:
>> some client encode XML in OTR, other don't, there is no way to
>advertise OTR
>> support with discovery and there is an OTR specific advertisement way
>(with
>> whitespace-tagged messages). OTR need to work with non XMPP gateways.
>It would
>> be really good to standardize all that...
>
>I had some discussion with Ian Goldberg (one of the OTR-guys) on this.
>Their initial choice was to do OTR in plain messages (with their
>somewhat strange way of discovering support and starting sessions), so
>it would be easy to use OTR in a multi-protocol environment. In
>response
>to my comment that it left a lot of information unencrypted he
>suggested
>to start a second OTR protocol in XMPP, one that does proper service
>discovery and properly encrypts everything of the stanzas that should
>be
>encrypted. Optionally embedding the plain version within it when you
>need to transverse to an other protocol.
>
>Well... I think the first step should be documenting the most common
>case, OTR'ing the content of a message in the OTR way....
>
>Winfried

- --
Wysłane za pomocą K-9 Mail.
-----BEGIN PGP SIGNATURE-----
Version: OpenKeychain v3.2beta1

iQFQBAEBCAA6MxxCYXJ0b3N6IE1hbGtvd3NraSAoYm1hbGtvdykgPGJtYWxrb3dz
a2lAdGlnYXNlLnBsPgUCVJhGpQAKCRCoAdab0OzG44/JB/0ZNJCOTYlLaNqENOox
ybj8Qosn7QD+El/W0UE7yrHByAg5BwrjzyRpCitvWE7CT8AfHPtJHx9IBTj2zdSW
U2BXKeO4rFrCwt1UEm2EquPZYyAduYuqQ7yx4sl4C77qF5uz7H/yYck3b0i+v6Yu
5JZVGB5p/fVFSyYOZLOqRGrYVeWIZoiKINTtAlOlFqcUmP2m9iKVm/ovrdIDB43i
UYQ+f1LdTp+mG42WYrEmdOvnKzsiDqARic/wxNO+E6YGiGVKat2ETZqT1WN1hQ1O
bTj/SoeKh3pjq8opMpDZFXE27QKHvP6Qhu5WKVk7UL8AYak1eh9I8hEzpHedsxDS
zt5C
=tO/+
-----END PGP SIGNATURE-----




More information about the Standards mailing list