On Sat, Sep 14, 2013 at 04:06:23PM -0400, Paul Wouters wrote: > > I mostly want an accidental typing of /me or /whatever to not leak > plaintext during an OTR conversation: > > <otr session active> > Hi Mr.Snowden > /me is scared about the NSA <--- leaks plaintext > about that secret file. The password is: > /secretliesandstatistics <----- leaks plaintext
I think we al agree that we don't want to leak something. The question is just how it should be implemented protocol wise. That /me now leaks something clearly isn't what we want, and I think that on IRC we want a normal PRIVMSG with the whose, including the ACTION part encrypted. I have no ideal what happens when you do /secretliesandstatistics, since I've never used pidgin to do IRC. With all clients I've used if "secretliesandstatistics" isn't a known command the client itself will give an error message and it's never send to the server. I have to use something like /quote to send raw irc commands. But I can imagine that some clients just try to send that to the server and let the generate an error message instead. Kurt _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
