Move fingerprints & private keys to Miranda database

HornyHorse79 / mirotr

Automatically exported from code.google.com/p/mirotr

1 stars 0 forks source link

Move fingerprints & private keys to Miranda database #9

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

What shall be added?

Move fingerprints & private keys to Miranda database.

Original issue reported on code.google.com by andrzej....@gmail.com on 14 Sep 2010 at 2:26

GoogleCodeExporter commented 8 years ago

why? I think the current mechanism works well.

Original comment by andreas....@student.kit.edu on 14 Sep 2010 at 4:34

Changed state: WontFix

GoogleCodeExporter commented 8 years ago

>why?

1.) For security reason (if someone get acces to my computer they Can modify 
fingerprints, steel private key and use it for MITM attacks). Miranda profile 
Can be password protected.
2.) Because profile database is for plugin settings.

Original comment by andrzej....@gmail.com on 14 Sep 2010 at 5:22

GoogleCodeExporter commented 8 years ago

Maybe later. This requires some larger changes in libotr

Original comment by andreas....@student.kit.edu on 16 Sep 2010 at 9:51

Changed state: New
Added labels: Priority-Low
Removed labels: Priority-Medium

GoogleCodeExporter commented 8 years ago

[deleted comment]

GoogleCodeExporter commented 8 years ago

"Well I think this is not a good idea, because otr have a "Perfect Forward 
Secrecy" system, for more information please read this:
http://en.wikipedia.org/wiki/Perfect_forward_secrecy"
Yes, old message are safe, but if someone steel our private key they Can use it 
for future MITM attacs.

>db_mmap_secure not working with latest Miranda!
For me works great (Miranda 0.10.0.1).
http://mataes.googlecode.com/svn/Miranda/Plugins/Dbx_mmap_sa

Original comment by andrzej....@gmail.com on 20 Sep 2010 at 4:02