I was thinking about how to pre-key'ing work designed by OWS (https://whispersystems.org/blog/asynchronous-security/) could be implemented in a more generic way, that would not be tied to a specific server or app.
Would it be possible using either an XMPP file transfer mechanism, or something like our OTRDATA protocol, to send a number of pre-keys to a contact, say at the time of an existing chat? Would this require modification of existing OTR implementation, or could the pre-keys be injected into the existing logic? Here is my proposed flow: 1) You select a set of favorite contacts which you are likely to have OTR encrypted chats with. 2) You see them online, and your client has a flag which indicates you have not yet setup a pre-key cache with them. 3) You send them pre-keys using one of two mechanisms: 3a) You establish an XMPP file transfer (in band ideally) session, and send a bundle of pre-key bytes to the client, which stores them in association with your JID. 3b) Your establish an OTR session with them, not to send a message, but to use OTRDATA or a future OTR protocol method, to exchange a cache of pre-keys. There is no user interaction in this process. 4) The next time you want to send a message to the user, and they are offline, you use the pre-key cache to establish an OTR session, and send the message to the server. This is all assuming you have an XMPP server that supports the necessary XEP's for offline messages, such as XEP-0160 (http://xmpp.org/extensions/xep-0160.html). We are also interested in having this work for transports like Bonjour/Zeroconf, Bluetooth and others, and so it would be ideal to do the work at the OTR layer. Thanks for the feedback, and obviously, gratitude as always for Moxie and co's blazing their own unique path on this. +n _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
