[Cryptography] Rubber-hose resistance?
Walter van Holst
walter.van.holst at xs4all.nl
Tue Dec 12 15:16:42 EST 2017
On 2017-12-12 20:42, Matt Maxson wrote:
>> OTR, you hateful, user-unfriendly pile of bovine excrement.
>
> is there something wrong with otr? or is it just the implementations
> you don't like? I'm looking to learn more here...not challenge your
> statement.

I have yet to see an implementation that doesn't force the user to force
a renegotiation of keys when someone that is part of the conversation
has had his/her device suspended. Which happens all the time with
laptops and mobile devices.

It also does not allow for a pretty common use case in which at least
one side of the conversation switches devices frequently while
continuing the conversation.

Less of a design issue, probably more of an implementation issue is that
when both sides enforce OTR but the negotiation somehow fails, there's
no way to fix this without both sides dropping OTR.

Couple the above issues with the use of UX-wise problematic protocols
like XMPP and you end up in a situation in which people just drop OTR to
make the conversation happen in the first place.

OTR appears to be designed by people who were thinking in continuous
network sessions, not even devices talking to each other, let alone
*human beings* having a *human conversation*. Every explanation I have
heard so far centered around "plausible deniability". Which is useless.

So we have a protocol that's useless from a UX perspective, all for the
sake of having "plausible deniability", ergo, being useless.

Regards,

Walter