OTR in Pidgin?
Phil Hannent
phil at hannent.co.uk
Thu Jan 15 07:23:14 EST 2009
gram wizard wrote:
> Sexual transmission.
I always wondered what happened at these key signing parties, now I know.
>
> On Thu, Jan 15, 2009 at 11:10 PM, Ian Goldberg <iang at cs.uwaterloo.ca
> <mailto:iang at cs.uwaterloo.ca>> wrote:
>
> On Wed, Jan 14, 2009 at 07:29:02PM -0800, Jeff Connelly wrote:
> > On Tue, Jan 13, 2009 at 6:22 PM, Casey Ho <pidgin at caseyho.com
> <mailto:pidgin at caseyho.com>> wrote:
> > >
> > > >From a cryptography standpoint, OTR appears to be the best solution
> > > available. Pidgin-encryption does not offer a mechanism for secure
> > > key exchange, whereas OTR uses Diffie-Hellman. Pidgin-Paranoia uses
> > > one time pads, which have historically been vulnerable because no
> > > computer can be truly random.
> >
> > It is relatively easy to build a true (hardware) random number
> generator to
> > create one-time pads: http://imotp.sourceforge.net/noise.pdf
> >
> > Of course, the average user won't do this, but for the greatest
> security, it
> > is IMHO the best option.
>
> One-time pads are the best option? You're kidding, right? How do you
> propose to share the key material with all your buddies?
>
> - Ian
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im <mailto:Devel at pidgin.im>
> http://pidgin.im/cgi-bin/mailman/listinfo/devel
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://pidgin.im/pipermail/devel/attachments/20090115/125ae5f0/attachment.sig>
More information about the Devel
mailing list