-
Original message:
> * What happens if you receive two prekey messages with user profiles
> signed with different long-term keys?
>
> What happens if you locally have two user profiles? This can…
-
Phi should not only verify values from the high level protocol but some shared state from OTR.
Phi should include the instance tags of both parties.
Maybe it should also include the query message…
-
I'd like to know what you think about adding implementation-specific details to the spec or in a separate document.
A few things come to mind:
* How we manage in case of multiple responses on a si…
-
In [Create User Profile Signature](https://github.com/otrv4/otrv4/blob/master/otrv4.md#create-a-user-profile-signature) is written when and how to use the transitional signature, but is missing the pa…
-
The way `KDF_1` and `KDF_2` are written seem to imply that they are reused in dangerous ways. `KDF_1` and `KDF_2`, in some places, are not really separated from each other, meaning: `KDF_1(x) = substr…
-
- [x] On "User Profile Data Type", move "Transitional Signature" above "Profile Signature": should be checked against the code and the signing process.
- [x] On "Creating a User Profile", step 6 ment…
-
- [x] On "User profile" section, clarify the two different profile instances: refer to ADR#3
- [x] ~~On "Creating a User Profile" section, consider the "TAI-10" timezone for the profile expiration t…
-
Such as Ricochet.
-
## Why
A library should be sufficiently secure in the ways it is written.
## Tasks
- [ ] Check that all pointers are freed when needed.
- [x] Check that all pointers are nullified when freed.…
-
- [x] On "Protocol states" section, what happens when a TLV type 1 (Disconnected) message is received? This box suggests that we transition to START, but also to FINISHED.
- [x] On "Protocol events" …