[cryptography] why did OTR succeed in IM?

Nico Williams nico at cryptonector.com
Sat Mar 23 14:59:14 EDT 2013


On Saturday, March 23, 2013, ianG wrote:

> Someone on another list asked an interesting question:
>
>      Why did OTR succeed in IM systems, where OpenPGP and x.509 did not?
>

Because it turns out that starting with anonymous key exchange is good
enough in many cases.  Leap of faith would have been a good addition, but
would have created device sync issues, and the answer/question
authentication is good enough.  Imagine if we'd insisted on a PKI for IM...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130323/3a14f4b3/attachment-0001.html>


More information about the cryptography mailing list