[pkg-otr-team] Bug#766936: [libotr5] Extended description: "Deniability" is not a feature per se
Filipus Klutiero
chealer at gmail.com
Mon Oct 27 01:22:39 UTC 2014
Package: libotr5
Version: 4.1.0-1
Severity: minor
The extended description contains:
> OTR allows you to have private conversations over IM by providing:
> [...]
> - Authentication
> - You are assured the correspondent is who you think it is.
> - Deniability
> - The messages you send do _not_ have digital signatures that are
> checkable by a third party. Anyone can forge messages after a
> conversation to make them look like they came from you. However,
> _during_ a conversation, your correspondent is assured the messages
> they see are authentic and unmodified.
So-called "deniability" is not a feature per se, unless authentication is taken for granted, which is clearly not the case here.
Rather than advertising 2 independant items, these could be merged in a "Deniable authentication" item which would contain both sublists.
By the way, I do not understand what "Anyone can forge messages after a conversation to make them look like they came from you." means.
--
Filipus Klutiero
http://www.philippecloutier.com
More information about the Pkg-otr-team
mailing list