On 12/29/2014 01:37 PM, Bartosz Małkowski wrote: > >> Wiadomość napisana przez Sam Whited <s...@samwhited.com> w dniu 29 gru 2014, >> o godz. 18:36: >> >> The main problem I see there would be deniability; a lot of things I see >> people suggest would potentially ruin the ability of the protocol to >> provide deniability. > > Can you explain?
Eg. the suggestion someone made earlier about adding signing of OTR keys. Any sort of signing should be a no (it's not part of the original OTR protocol, and is contrary to its goals). I've seen this sort of thing suggested a few times elsewhere. Rereading that paragraph, I'm confused as to what I was talking about too; possibly ignore it and just read that as "we should keep OTR's goals in mind as we develop to make sure we don't inadvertantly leak information and break one of those goals". > If encrypted stream will be established, then what problems you see? > We can’t hide fact that OTR stream is established between two > entities. Different kind of deniability (sorry, my message was confusing as I mentioned both, and it may have sounded like I was talking about the same thing). You're probably right; don't know why I even mentioned that (the initial OTR stream setup will always show that OTR was being used, even if OTR messages are designed in such a way that there could be plausable deniability that OTR was being used). I don't think it's something we should concern ourselves with anyways. —Sam -- Sam Whited pub 4096R/54083AE104EA7AD3 https://blog.samwhited.com
signature.asc
Description: OpenPGP digital signature