flo at geekplace.eu
Tue Feb 3 09:37:14 UTC 2015
On 03.02.2015 10:04, Dave Cridland wrote:
> On 2 Feb 2015 18:49, "Peter Saint-Andre - &yet" <peter at andyet.net
> <mailto:peter at andyet.net>> wrote:
>> On 2/2/15 5:22 AM, Hund, Johannes wrote:
>>> Since it was undisclosed that even the NSA seems to have problems
>>> breaking into OTR , it gained a lot of attention it seems and thus
>>> does a good deal in supporting XMPP as a choice for applications with
>>> high requirements in privacy and security as its often the case for
>>> IoT applications.
>> OTR secures only the character data of the XMPP <body/> element within
> message stanzas. That's appropriate for IM but doesn't really help with
> things like IoT (which often use extended namespaces).
> Exactly, and this is the kind of thing I was hoping that documenting the
> current OTR usage in XMPP would show clearly.
Isn't "documenting the current OTR usage in XMPP" simply
… put OTR stuff here …
where "OTR stuff" is defined at
https://otr.cypherpunks.ca/Protocol-v2-3.1.0.html (I think most
implementations use OTR v2) and
So OTR is IM protocol-agnostic. You can see how OTR tries to negotiate
using whitespaces at the end of String within the </body> element at
I'm also not sure if, not only because it's IM protocol-agnostic, OTR
would be a good fit for IoT. Some research in this direction would sure
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 668 bytes
Desc: OpenPGP digital signature
More information about the Standards