On Thu, Oct 22, 2009 at 6:51 PM, Boroondas Gupte <[email protected]> wrote: > Carlo Wood wrote: >> 2) C == A or C == B. Tell C not to use encryption or not to send ARs. > ... or to disclose the session key as part of the AR. (Assuming the > session key won't give the governance team enough information about the > private key, so future communication would still be save.)
There is no session key that can decrypt the communication. The way OTR works is that it uses a new key for each message,which is immediately thrown away. The *whole* *point* of OTR is to make both decrypting previous conversations and proving the contents of conversations as hard as possible - that's why it's called "off the record". If you want your instant message conversations logged by Linden Labs for AR purposes, don't use OTR. Of course, this probably isn't the real problem Linden Labs have with OTR encryption. They've got used to using mass monitoring of all IMs and in-world chat to prevent griefing, amongst other things. (All the effective griefer groups moved to out-of-world co-ordination channels a long time ago for this reason.) OTR removes this monitoring ability, making the grid gods a little bit less powerful. _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/SLDev Please read the policies before posting to keep unmoderated posting privileges
