Open claucece opened 6 years ago
cc. @olabini @giovaneliberato
If we go for this option:
Every time you send offline messages to a participant, you start a new DAKE; then this worries me from an specification level. This ratchet will only be encrypted not with new ephemeral material but with the "fake sending chain key" (We decided to derive a sending ratchet key from the Mixed shared secret, and to make the first root key to 0.). There will be no subsequent ratchets, so it will only be encrypted with that.
Hmmmmmmm. So yeah, from my side, the optimal would be this:
This does imply that the ratchets should be kept even when people are going offline. Maybe even after restarting the program? Does this answer the questions in this issue?
If Alice starts an offline DAKE to send messages, she should keep that ratchet for x amount of time, so she can send lots of messages before starting a new non-interactive DAKE
Already happening.
If Alice sends offline messages, and then Alice goes offline, then Bob comes online and receives these messages, it seems Bob should be able to continue responding on the same ratchet as was created when receiving Alice's message.
Yes. And then it is actually ratcheting.
This does imply that the ratchets should be kept even when people are going offline.
Yes. But I'm not sure how possible is this. We will gave to write the state of the ratchet somewhere?
Yes. But I'm not sure how possible is this. We will gave to write the state of the ratchet somewhere?
Yeah, that's what worries me a little. But it seems like the right way to give a good user experience.
But it seems like the right way to give a good user experience.
Yeah... let's do that
More discussion for this one before implementing anything.
Right now the offline conversation is working this way:
Alice sends data messages to offline Bob and he successfully receives them.
Bob starts a new DAKE and sends data messages to offline Alice and Alice successfully receives them.
However, it should be possible to do this:
(All in the same DAKE)
Alice sends data messages to offline Bob and he successfully receives them; Bob, when coming online, in the same conversation, sends data messages to offline Alice and she successfully receives them.
Right now, this is impossible to do, because every time that Alice logs in, she does not keep the previous state machine, and if she receives data messages in the same dake, they will be in
?OTR Error: ERROR_2: OTRNG_ERR_MSG_NOT_PRIVATE_STATE
.How shall we handle this?