On 29 May 2014 00:20, Ben Laurie <[email protected]> wrote:
> On 28 May 2014 23:44, Nikita Borisov <[email protected]> wrote:
>> On Wed, May 28, 2014 at 11:27 PM, Ben Laurie <[email protected]> wrote:
>>> On 28 May 2014 22:59, Ian Goldberg <[email protected]> wrote:
>>>> On Wed, May 28, 2014 at 10:55:10PM +0100, Ben Laurie wrote:
>>>>> Now I'm curious: why is the session ID short?
>>>>
>>>> Usability of verification in the (long-since-deprecated) "compare
>>>> session IDs" method, which works even if you *know* your private keys
>>>> have been compromised (but only for the current session).
>>>
>>> Confused. Why not verify a truncated hash of the (long) session ID?
>>
>> The session ID *is* a truncated hash of the DH shared key. IIRC, it
>> is (was) only used for user session verification, so there's no reason
>> to have a separate longer sessionID.
>
> OK ... so why do we need a commitment again?

Oh. I see. :-)
_______________________________________________
OTR-dev mailing list
[email protected]
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
