On Fri, Aug 23, 2013 at 11:11:27PM +0200, Jurre van Bergen wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 08/23/2013 10:54 PM, Paul Wouters wrote: > > On Thu, 15 Aug 2013, Timo Sirainen wrote: > > > > Ian, what's your take on this? Should we support it? > > > > If so, I'd like to add the keytype number for RSA in the upcoming OTR > > draft. > > > > Paul > > > >> Date: Thu, 15 Aug 2013 15:42:50 > >> From: Timo Sirainen <[email protected]> > >> To: [email protected] > >> Subject: Re: [OTR-dev] RSA signatures again > >> > >> On 15.8.2013, at 19.00, Timo Sirainen <[email protected]> wrote: > >> > >>> I was planning to use libotr for a project where I'd need both > "normal" asymmetric encryption (RSA probably) and OTR-like encryption. > The problem is that I was hoping to use a single public key for both > uses, but OTR uses only DSA and I can't do encryption with it. My next > thought was to modify libotr to support RSA signatures as well, but > since I'm not really a crypto expert I thought I'd ask here first if > that's even a good idea? Would it be as simple as changing the > DSA-specific code to RSA or are there some deeper problems to solve as well? > >> > >> At least it seems to work..
Wait: you're trying to use the same key for signing messages in OTR and for decrypting messages in another protocol? This is an *extremely* bad idea cryptographically. Or do I misunderstand? > Allow me to hijack this thread a bit.. what happened to the idea of > swapping out DSA for ECC? Wouldn't it make more sense to include ECC and > not RSA? Especially with the look at the future? I'm more willing to discuss some variant of ECDSA (Ed25519?). But one of my big concerns is support in the variety of languages for which there already exist libotr implementations. - Ian _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
