SSL security concern
Ralf Skyper Kaiser
skyper at thc.org
Mon Oct 14 15:13:29 EDT 2013
Brian,
yes, correct. and It's a good feature to have.
Yet we see users sending unencrypted messages even when they think they are
using OTR with private message encryption (yes, users are sometimes stupid).
An option that use encryption by default (which can be disabled by the
user) provides better security at no cost to usability. So why not do it?
regards,
Ralf
On Mon, Oct 14, 2013 at 7:54 PM, Brian Morrison <bdm at fenrir.org.uk> wrote:
> On Mon, 14 Oct 2013 19:25:21 +0100
> Ralf Skyper Kaiser wrote:
>
> > > > 1. Do not allow non-private chats
> > >
> > > I don't know what this means.
> > >
> >
> > ...if OTR plugin is available then do not allow non-encrypted private
> > messages.
>
> This can be set on a per-contact basis for those who use OTR.
>
> --
>
> Brian Morrison
>
> _______________________________________________
> Support at pidgin.im mailing list
> Want to unsubscribe? Use this link:
> http://pidgin.im/cgi-bin/mailman/listinfo/support
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20131014/d139f170/attachment.html>
More information about the Support
mailing list