[prev in list] [next in list] [prev in thread] [next in thread]
List: otr-dev
Subject: Re: [OTR-dev] Decrypting messages from an old OTR conversation
From: Paul Wouters <paul () cypherpunks ! ca>
Date: 2006-02-27 19:08:38
Message-ID: Pine.LNX.4.63.0602272007330.4806 () tla ! xelerance ! com
[Download RAW message or body]
On Mon, 27 Feb 2006, Evan Schoenberg wrote:
> The problem: some services support serverside offline messaging. Yahoo and
> ICQ, for example. If Bob is in an encrypted conversation with Alice, and
> Alice signs offline, the service still allows Bob to message Alice, storing
> the (encrypted) message on the server for delivery when Alice next signs
> online. Bob knows that Alice has the information for decrypting his message,
> since they've been communicating previously...
>
> So Alice signs on a day later... but she can't read the message, since the
> conversation has since ended. She receives:
> The encrypted message received from Bob is unreadable, as you are not
> currently communicating privately.
When signing off, the client should close the OTR connection to the "finished"
state.
Paul
--
"Do it today, tomorrow it will be illegal"
--- Source unknown
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic