(New thread: Threat model) |
m |
||
| Line 1: | Line 1: | ||
| − | It is impossible to judge a protocol when we have no threat model/what goal the protocol is hoping to acheive. I think we should agree on that first, before discussing the protocol. | + | It is impossible to judge a protocol when we have no threat model/what goal the protocol is hoping to acheive. I think we should agree on that first, before discussing the protocol. More specifically, which of the following OTR goals we are aiming to acheive: |
| + | |||
| + | 1. Participant Authentication. | ||
| + | 2. Room view consistency. | ||
| + | 3. Message origin Authentication. | ||
| + | 4. Forward secrecy. | ||
| + | 5. Transcript Consistency. | ||
| + | 6. Deniability. | ||
Latest revision as of 14:30, 4 September 2014
It is impossible to judge a protocol when we have no threat model/what goal the protocol is hoping to acheive. I think we should agree on that first, before discussing the protocol. More specifically, which of the following OTR goals we are aiming to acheive:
1. Participant Authentication. 2. Room view consistency. 3. Message origin Authentication. 4. Forward secrecy. 5. Transcript Consistency. 6. Deniability.