LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Martin: Off the Record Messaging: A Tutorial

Martin: Off the Record Messaging: A Tutorial

Posted Jul 31, 2012 17:59 UTC (Tue) by dkg (subscriber, #55359)
In reply to: Martin: Off the Record Messaging: A Tutorial by josh
Parent article: Martin: Off the Record Messaging: A Tutorial

This "handshake" is only necessary the first time you communicate with someone else from your client. After a successful completed handshake, the clients on both sides cache their peers' public keys, and can re-establish communications confidently for future sessions.

Where this falls down, of course, is when one of the parties changes clients (or, worse, connects from a new client each time).

Key management is hard. Unfortunately, key management is also necessary for a cryptosystem to work with regular humans. Having a well-integrated historical keystore is a minor risk (compromised local software gets a list of all your past contacts!) coupled with a major advantage (you can exchange communications in confidence with anyone you've communicated with successfully in the past).

OTR does a pretty decent job of key management within its domain.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds