-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I'm not sure we should start new XMPP stream covered by OTR. It depends on what we want to do. We can't hide that communication between A and B happens. Does encrypting whole stanzas is worth of complications?
Dnia 17 grudnia 2014 17:46:18 CET, Winfried Tilanus <winfr...@tilanus.com> napisał(a): >On 05-12-14 11:24, Goffi wrote: > >Hi, > >> Is there any update on this ? Actually the situation is not really >good today: >> some client encode XML in OTR, other don't, there is no way to >advertise OTR >> support with discovery and there is an OTR specific advertisement way >(with >> whitespace-tagged messages). OTR need to work with non XMPP gateways. >It would >> be really good to standardize all that... > >I had some discussion with Ian Goldberg (one of the OTR-guys) on this. >Their initial choice was to do OTR in plain messages (with their >somewhat strange way of discovering support and starting sessions), so >it would be easy to use OTR in a multi-protocol environment. In >response >to my comment that it left a lot of information unencrypted he >suggested >to start a second OTR protocol in XMPP, one that does proper service >discovery and properly encrypts everything of the stanzas that should >be >encrypted. Optionally embedding the plain version within it when you >need to transverse to an other protocol. > >Well... I think the first step should be documenting the most common >case, OTR'ing the content of a message in the OTR way.... > >Winfried - -- Wysłane za pomocą K-9 Mail. -----BEGIN PGP SIGNATURE----- Version: OpenKeychain v3.2beta1 iQFQBAEBCAA6MxxCYXJ0b3N6IE1hbGtvd3NraSAoYm1hbGtvdykgPGJtYWxrb3dz a2lAdGlnYXNlLnBsPgUCVJhGpQAKCRCoAdab0OzG44/JB/0ZNJCOTYlLaNqENOox ybj8Qosn7QD+El/W0UE7yrHByAg5BwrjzyRpCitvWE7CT8AfHPtJHx9IBTj2zdSW U2BXKeO4rFrCwt1UEm2EquPZYyAduYuqQ7yx4sl4C77qF5uz7H/yYck3b0i+v6Yu 5JZVGB5p/fVFSyYOZLOqRGrYVeWIZoiKINTtAlOlFqcUmP2m9iKVm/ovrdIDB43i UYQ+f1LdTp+mG42WYrEmdOvnKzsiDqARic/wxNO+E6YGiGVKat2ETZqT1WN1hQ1O bTj/SoeKh3pjq8opMpDZFXE27QKHvP6Qhu5WKVk7UL8AYak1eh9I8hEzpHedsxDS zt5C =tO/+ -----END PGP SIGNATURE-----
