[prev in list] [next in list] [prev in thread] [next in thread] 

List:       otr-dev
Subject:    Re: [OTR-dev] Decrypting messages from an old OTR conversation
From:       Paul Wouters <paul () cypherpunks ! ca>
Date:       2006-02-27 19:08:38
Message-ID: Pine.LNX.4.63.0602272007330.4806 () tla ! xelerance ! com
[Download RAW message or body]

On Mon, 27 Feb 2006, Evan Schoenberg wrote:

> The problem: some services support serverside offline messaging.  Yahoo and
> ICQ, for example.  If Bob is in an encrypted conversation with Alice, and
> Alice signs offline, the service still allows Bob to message Alice, storing
> the (encrypted) message on the server for delivery when Alice next signs
> online.  Bob knows that Alice has the information for decrypting his message,
> since they've been communicating previously...
>
> So Alice signs on a day later... but she can't read the message, since the
> conversation has since ended.  She receives:
> The encrypted message received from Bob is unreadable, as you are not
> currently communicating privately.

When signing off, the client should close the OTR connection to the "finished"
state.

Paul
-- 

"Do it today, tomorrow it will be illegal"

         --- Source unknown

[prev in list] [next in list] [prev in thread] [next in thread]