XMPP Message Carbons and OTR

Michael McConville mmcconville at mykolab.com
Fri Aug 7 22:21:24 EDT 2015


Koosha Khajehmoogahi wrote:
> The XEP-0280 (Message Carbons) specification states that some
> particular messages could be excluded from being carbon copied by
> having a <private/> tag in them.
> 
> While I am working on this XEP, I would like to know if there is any
> use case for these "private" messages. One possible use case would be
> OTR messages. Is there any other example?
> 
> The other thing to consider is how this thing should be implemented.
> OTR is implemented by a plugin and not by the libpurple AFAIK.

The Pidgin OTR plugin injects encrypted messages. Therefore,
OTR-encrypted messages can only be viewed on one predetermined device.
This also means that carbons won't be a significant privacy or security
threat to OTR.

The worst case scenario is that all of the sender and recipient's other
devices will get spammed with bizarre-looking hex. That isn't something
you'd want, though, so we would have to make sure that carbons are
disabled when OTR is on.



More information about the Devel mailing list