[pkg-otr-team] Bug#766936: [libotr5] Extended description: "Deniability" is not a feature per se

Filipus Klutiero chealer at gmail.com
Mon Oct 27 01:22:39 UTC 2014


Package: libotr5
Version: 4.1.0-1
Severity: minor

The extended description contains:
>  OTR allows you to have private conversations over IM by providing:
> [...]
>   - Authentication
>     - You are assured the correspondent is who you think it is.
>   - Deniability
>     - The messages you send do _not_ have digital signatures that are
>       checkable by a third party.  Anyone can forge messages after a
>       conversation to make them look like they came from you. However,
>       _during_ a conversation, your correspondent is assured the messages
>       they see are authentic and unmodified.

So-called "deniability" is not a feature per se, unless authentication is taken for granted, which is clearly not the case here.

Rather than advertising 2 independant items, these could be merged in a "Deniable authentication" item which would contain both sublists.


By the way, I do not understand what "Anyone can forge messages after a conversation to make them look like they came from you." means.

-- 
Filipus Klutiero
http://www.philippecloutier.com



More information about the Pkg-otr-team mailing list