Hi all, there has been quite a lot of talk about mpOTR in the last couple of years, but it seems that there's no usable implementation available of it, yet. At least none that I have been able to track down.
And ... please let's not discuss any issues of repudiation of encrypted group chat protocols in this thread. As far as it seems from the original mpOTR paper, there are also lots of specifications that still need to be nailed down. A lot in this respect has happened already with some draft notes collected through the Cryptocat project. We've also got a need for an mpOTR implementation, and we would really like to build our infrastructure as far on standards as possible, and avoid too much self knit solutions where it comes to communication interactions. Therefore, I'm reaching out with this mail to gauge for interest within the community, and see who would have an interest in participating in an implementation of mpOTR. From what I've seen "out there", the obvious parties are * The Crypto.cat project * The Guardian project * Jacob Appelbaum * Some researchers from Moscow State University * ... and possibly others ... Anyway, I'm really keen to hear from any of you guys, and to collaborate on any level towards (A) a sane standard, and (B) usable implementations. We're willing to commit with resources (time and development) towards this. Our initial needs are for a JavaScript as well as a native code implementation. And we would like to see the fruit of this effort to be available as open source (maybe a reference implementation) with a liberal enough license, so that it can be utilised by as many as possible. Our initial brainstorming has (very briefly and roughly) resulted in a sequence of development steps according to the following: * make an mpENC implementation, picking up the basic concepts of the current Crypto.cat multi-party specification (but probably divert a bit further from JSON-only encoding towards having a binary format for individual transmitted messages, to be more compliant with the current OTR approach). * improve mpENC (mpENCv2) by implementing some kind of group key agreement (e. g. Group Diffie-Hellman) to overcome the problem of multiple encrypted/authenticated messages towards a single, that's readable by the whole group. * go through various steps implementing further details of mpOTR (morphing mpENC --> mpOTR) * ... * mpOTR: You have reached your destination :-) We're keen for any kind of feedback, and for any type of response towards this collaborative effort. I'm hoping that this out reach will inject a bit or momentum into the mpOTR efforts. Any thoughts, calls, shouts, utterances of disgust ...? Sunny summer greetings, Guy
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
