TLS/SSL will encrypt your messages from you to gtalk server. But gtalk
server will decrypt it to send to your destination contact (and
eventually re-encrypt). That means that Google can read your conversations.
OTR is a p2p encryption, so only the end destination can decrypt the
message, any people between you and your contact will only see encrypted
data. In that case Google won't be able to read what you say.
So IMO the question is: "do you trust your server", if not you should
use OTR, otherwise TLS/SSL is enough. tbh if you don't trust your sever,
you already lost...
Xavier Claessens.
Le 07/05/10 07:06, Reşat SABIQ a écrit :
Hi,
I would appreciate any clarifications with regards to encrypted
communication, in particular when using gtalk.
Specifically, here it says
A. OTR is currently not supported:
http://live.gnome.org/Empathy/FAQ#Will_Empathy_have_OTR_.28.22Off_The_Record.22.29_support.3F
But at the same time, for gtalk, there is a checkbox under account
setting, Advanced:
Encryption required (TLS/SSL)
The latter suggests to me that
B. when Encryption required (TLS/SSL) checkbox is selected, gtalk
correspondence will be encrypted.
Are both statements, A. and B., true? If so, what extra benefit will
future support for A. bring? If B. is true, it appears that it would
just eliminate logging when in OTR, but that can't be it, because that
can be done w/o protocol modifications.
Thanks.
_______________________________________________
telepathy mailing list
telepathy@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/telepathy
_______________________________________________
telepathy mailing list
telepathy@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/telepathy
