On 28 May 2014 23:44, Nikita Borisov <[email protected]> wrote:
> On Wed, May 28, 2014 at 11:27 PM, Ben Laurie <[email protected]> wrote:
>> On 28 May 2014 22:59, Ian Goldberg <[email protected]> wrote:
>>> On Wed, May 28, 2014 at 10:55:10PM +0100, Ben Laurie wrote:
>>>> Now I'm curious: why is the session ID short?
>>>
>>> Usability of verification in the (long-since-deprecated) "compare
>>> session IDs" method, which works even if you *know* your private keys
>>> have been compromised (but only for the current session).
>>
>> Confused. Why not verify a truncated hash of the (long) session ID?
>
> The session ID *is* a truncated hash of the DH shared key. IIRC, it
> is(was) only used for user session verification, so there's no reason
> to have a separate longer sessionID.

OK ... so why do we need a commitment again?

>
> - Nikita
> --
> Nikita Borisov - http://hatswitch.org/~nikita/
> Associate Professor, Electrical and Computer Engineering
> Tel: +1 (217) 244-5385, Office: 460 CSL
_______________________________________________
OTR-dev mailing list
[email protected]
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
