[Bug 794453] Re: First message is sent unencrypted

2012-05-18 Thread Zooko Wilcox-O'Hearn
If anybody knows of an upstream bug report about this, could you give the link to it here? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/794453 Title: First message is sent unencrypted To manage no

[Bug 794453] Re: First message is sent unencrypted

2012-05-18 Thread Zooko Wilcox-O'Hearn
I'd just like to say Thank You to Moritz for explaining the security problem (resulting from the user experience) so well. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/794453 Title: First message i

[Bug 794453] Re: First message is sent unencrypted

2011-07-13 Thread Moritz Naumann
Ted, thanks for your explanations and point of view. I think the reason we think differently about whether or not this is a security issue is that you are argumenting from a protocol and implementation design point of view while I'm argumenting from a user experience point of view, assuming the us

Re: [Bug 794453] Re: First message is sent unencrypted

2011-06-09 Thread Ted
On Wed, 2011-06-08 at 22:24 +, Moritz Naumann wrote: > On 08.06.2011 17:23 Ted wrote: > > I'm removing the classification as a security vulnerability, because the > > expected behavior currently for OTR sessions is that they'll be either > > manually initiated or automatically initiated once a

Re: [Bug 794453] Re: First message is sent unencrypted

2011-06-08 Thread Moritz Naumann
On 08.06.2011 17:23 Ted wrote: > I'm removing the classification as a security vulnerability, because the > expected behavior currently for OTR sessions is that they'll be either > manually initiated or automatically initiated once a client detects that > a chat partner is also OTR-capable. > > Th

[Bug 794453] Re: First message is sent unencrypted

2011-06-08 Thread Ted
I'm removing the classification as a security vulnerability, because the expected behavior currently for OTR sessions is that they'll be either manually initiated or automatically initiated once a client detects that a chat partner is also OTR-capable. This is a feature request, but one that I dou

[Bug 794453] Re: First message is sent unencrypted

2011-06-08 Thread Moritz Naumann
** Description changed: Binary package hint: pidgin-otr A friend I communicate with encrypted regularly uses multiple computers running Ubuntu 11.04 and Ubuntu 10.04 with Pidgin and its OTR plugin on them (all packages are installed from official Ubuntu package repositories) and diffe

[Bug 794453] Re: First message is sent unencrypted

2011-06-08 Thread Moritz Naumann
** Description changed: Binary package hint: pidgin-otr A friend I communicate with encrypted regularly uses multiple computers - all running Ubuntu 11.04 with Pidgin and its OTR plugin on them and - different OTR keys on these computers. I use bitlebee and bitlbee-otr - onUbuntu 11.04 on a