Hello, resuming this thread because I'm studying encryption options for KDE's Kopete IM client.
So far, OTR adoption seems unjustifiable, really. I mean, it uses the Diffie-Hellman key exchange method with block ciphers. As of what I got from your (Robert) explanation plus some preliminary conclusions of my studies, making use of asymmetric algos with OpenPGP would be more coherent and secure, mathematically. Is it correct? Regards, On Fri, Apr 29, 2011 at 10:12 AM, Robert J. Hansen <r...@sixdemonbag.org> wrote: > On 4/28/11 11:05 AM, Michel Messerschmidt wrote: >> Sounds very much like Off-the-Record messaging for every kind of >> communication. Or is there a difference I have missed? > > The barrier to usage is still high with OTR: users still have to > authenticate, and you can get horrible sync issues. Plus, let's not > forget the wacky hijinks that occur if you're logged into IM from two > places at once -- although this is explicitly supported by some IM > protocols (Jabber), with OTR it causes no end of troubles. > > The thought experiment here -- it's not a real proposal -- is, "what > would happen if we discarded authentication entirely, and went purely > for a require-brute-force approach to discover the random session key?" > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > Marcio Barbado, Jr. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users