On Wed, 13 Mar 2013, "Daniel ".koolfy" Faucon" wrote:
- Logging should be deactivated for the entire duration of the OTR session by *DEFAULT*, and the only way to re-activate it should be on a per-conversation basis, manually. I voluntarily refused to add an easy command to re-enabling the systematic logging of OTR conversations. Doing so is toxic
I disagree. While I (reluctantly) agree with a default "no logging" policy, it should be possible for users to enable this. The choice here is really a user preference and has nothing to do with the protocol. Therefor, free software should not try to dictate local user policy. For instance, I use full disk encryption, so my logs are perfectly safe. And I prefer having my logs because I often need to look up things from my logs. Especially if OTR becomes the default enmasse, not allowing people to log their conversation is a sure way to get them to not use OTR. Putting any kind of notification in the protocol is silly, because you cannot trust the client is actually doing what it says. It adds as much security as those snapchat phone applications offering self-destruct photo sending options. It's a total false sense of security. OTR is about protecting the transport of your conversation. Whether or not you can trust your conversation partner's security setup is something everyone has to consider before talking to them. The best OTR can do is to not leave cryptographic evidence that can be used against you. But it ends there. twitter, facebook, sms, iMessage, email. It is all blending. Would you design email software where you can only read a message once and then it would self destruct? No. Paul _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
