-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Justin Karneges wrote: > On Tuesday 07 March 2006 09:13, Peter Saint-Andre wrote: >> Looking at JEP-0116 again, I see that public keys are used to verify the >> identity of the parties, but that the stanzas themselves are signed and >> encrypted with session keys. So identity is asserted and preserved in >> the initial negotiation, but not attached to each stanza. Or so it seems >> (I need to read JEP-0116 again in depth). > > I believe identity is attached at all times. > > For the OTR feature, though, something is done later to make the packet > signatures worthless. The idea is that both parties can have full trust in > each other's identity during the conversation, but it is not possible to > later "prove" that each party actually said what they said, since forgery > would be easy at that point.
Well, somehow I doubt that a court of law would care whether it can be cryptographically proven that one party did or did not say something. Does anyone know of case law on this point? Sure, we geeks know that it's possible for one party (or a third party) to forge messages, but stored email messages have been used to implicate people and we know they can be forged as well. So the repudiability and perfect forward security aspects of OTR don't give me much comfort in the real world. Peter - -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.shtml -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEDgVbNF1RSzyt3NURAr7wAKDgcQzLtWE8gGDbVNQ10wWVqZLtmgCeNzhK /+EWx3VPz6G0PRPlsZbDEoY= =HKUo -----END PGP SIGNATURE-----
smime.p7s
Description: S/MIME Cryptographic Signature
