On Mon, May 07, 2012 at 04:44:26PM +0000, Ague Mill wrote: > Hi! > > I am glad to see OTR development (visibly) moving foward again! :) > > From a quick look at commit logs in libotr repository, I have not > been able to figure out if the future version 4.0 is still vulnerable to > the "Version rollback" attack that was described in the paper > "Finite-State Security Analysis of OTR Version 2" [1] by Joseph Bonneau > and Andrew Morrison. > > [1] http://www.jbonneau.com/OTR_analysis.pdf > > Has this been fixed already? And if it has not, would it be hard to > prevent two clients to switch back to an earlier version of the > protocol? > > Thanks, > -- > Ague
I actually wouldn't mind just removing support for v1 entirely. I don't know of any v1-only clients out there. Does anyone else? Then it would just be a matter of removing OTRL_POLICY_ALLOW_V1 from the OTRL_POLICY_OPPORTUNISTIC, OTRL_POLICY_MANUAL, and OTRL_POLICY_ALWAYS macros in proto.h. - Ian _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
