OTR and general security stuff
Ian Goldberg
iang at cs.uwaterloo.ca
Fri Feb 15 08:22:27 EST 2013
On Fri, Feb 15, 2013 at 02:13:14PM +0100, azrdev wrote:
> 2013/2/13 Ethan Blanton <elb at pidgin.im>:
> > developer). This makes me somewhat nervous about "blessing" the
> > OTR plugin; in particular, there have been a few long-standing and
> > unaddressed bugs (not that I can think of what they are at the
> > moment, but I'm sure someone can) that have plagued Pidgin users
> > for years, and we've had no avenue of contact and seen no support
> > on that front.
> >
>
> To give an example: https://developer.pidgin.im/ticket/15477
> Having OTR ignore XMPP /resources makes it really annoying to use with
> two or more simultaneous logins.
If I remember correctly, pidgin-otr uses the "canonical" name of the
account. This is so that case- and space- and dot- (in)sensitivity
on any particular IM netowrk don't matter.
I don't see the problem, though. You'll just end up with two keys for a
particular account (if the user indeed has separate keys, and didn't
just copy the key file over), which is totally fine.
In any event, this should be on otr-dev, not devel at pidgin.im or
tor-assistants.
- Ian
More information about the Devel
mailing list