Encryption plugins for gaim

Peter Saint-Andre stpeter at jabber.org
Tue Mar 15 14:23:12 EST 2005

On Tue, Mar 15, 2005 at 02:14:48PM -0500, Ian Goldberg wrote:

> OTR works over Jabber today.  Granted, it's not very "Jabberish" (as far
> as I understand the term; I don't know the Jabber protocol very well):
> it just replaces the text of the message with ciphertext.  [gaim, at
> least, doesn't seem to have a way to construct a more "Jabberish"
> message, as far as I could tell.]
> I'd be more than happy to help Jabber-ify the OTR protocol.  The reason
> we designed OTR was exactly that the GPG-over-IM solutions have
> semantics that don't match those of a private conversation: you have
> long-term encryption keys, as well as digital signatures on messages.
> You don't *want* Bob to be able to prove to Charlie that Alice said what
> she did.  [Yet you want Bob to be himself assured of Alice's
> authorship.]  And a compromise of Bob's computer tomorrow should not
> expose today's messages.
> OTR also adds a couple of extra features (malleable encryption,
> publishing of the MAC keys, a toolkit for forging transcripts) to help
> Alice claim that someone's putting words in her mouth.

Obviously I need to read up more on OTR, but thanks for the offer of
assistance -- I'll reply further when my level of ignorance is not quite
so high as it is now.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list