Ian Goldberg wrote: > On Sat, Aug 25, 2012 at 08:54:56PM -0700, Arlo Breault wrote: >> If it's only the first messages, you can start the conversation with >> heartbeat packets so that compromising them is meaningless. > > Nice idea! But then we'd have to *require* all OTR clients to implement > this. Since not all OTR clients use libotr (there are a number of > compatible implementations now, though not yet of the new version of the > protocol), it seems bad to force them to change their behaviour because > of a wart in the API of libotr.
But is this really just an API implementation issue, or is it fundamental to the protocol? It seems to me that if you want to support this multiple endpoint scenario, you have this problem no matter what implementation you use. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
