registry team mailing list archive

[Nate Moore <putermd@xxxxxxxxx>]

Things like this: http://live.gnome.org/Empathy/FAQ#Will_Empathy_have_OTR_.28.22Off_The_Record.22.29_support.3F
Concern me greatly. While it would be wonderful to have the end-to-end communications secured natively in the protocol, the sad truth is that we're never going to get an update to the legacy protocols to support it. 

And no, the answer isn't "Just move to another instant message platform"
One of the advantages of tools like Empathy is the ability to support a multi-service situation. It allows me to run a single app, and connect to any service I need.

The arguments that, "Pidgin supports it, you should too." don't really
hold much water. I go back to the requirements that drove me to OTR in
the first place.

Encryption: No one else can read your instant messages.

Authentication: You are assured the correspondent is who you think it
is.

Deniability: The messages you send do not have digital signatures that
are checkable by a third party. Anyone can forge messages after a
conversation to make them look like they came from you. However, during
a conversation, your correspondent is assured the messages he sees are
authentic and unmodified.

Perfect forward secrecy: If you lose control of your private keys, no
previous conversation is compromised.

So, to me it's as simple as that. Please find a way to get the above
services into Empathy. I personally would suggest the use of OTR as
there are already libraries developed you can use to use.

-- 
empathy needs to support OTR encryption
https://bugs.launchpad.net/bugs/296867
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Fedora.