-
## Why
As we are currently implementing the revision number 2 of the OTRv4 specification, we need to include a consistent way of using publishing user profiles, prekey profiles and prekey messages.…
-
## Why
What is currently implemented does not match the spec.
## Reference
otrv4/otrv4#138
## Tasks
- [x] Implement serialization
- [x] Implement deserialization
- [x] Correctly seriali…
-
The OTRv4 long-term (public) key is published together with a user profile that's signed with the OTRv3 long-term (private) key.
Can we make use of this and simplify the UI? Can we omit OTRv4 finge…
-
- [x] Add DSA key to client profile, serialize, deserialize.
- [x] Change client profile validation to optionally verify the transitional signature.
- [x] Add API to add a transitional signature to …
-
## Why
We want to target our code for the c99 standard.
## Tasks
- [x] Remove use of stpcpy
- [x] Remove use of strnlen
- [x] Remove use of getline
- [x] Enable `make code-check` in the p…
-
**Updated**: Please ignore me, I'm an idiot. I didn't consider the fact that for each message, a client action is needed.
-
The question has come up on the OTR mailing list whether it would be a good idea to rely on openssl instead of libgoldilocks and libsodium. (The email mistakenly says we can also remove libgcrypt, but…
-
The website is https://www.otr.im/
Time to go:
- https://github.com/otrv4
- https://github.com/otrv4/libotr-ng
-
[Section "Revealing MAC Keys"](https://github.com/otrv4/otrv4/blob/master/otrv4.md#revealing-mac-keys) describes how we either expose used MAC keys on every first message of a new ratchet (message ID …
-
I'm not sure I fully understand the purpose of forger keys. However, in [this section](https://github.com/otrv4/otrv4/blob/a3e82ccacf049a74dd3455f0cfee844934670dff/otrv4.md#kci-attacks) it is stated t…