31.07.2008, 01:42
Für Pidgin-Encryption hab ich jetzt eine Antwort:
How is this(OTR) different from the pidgin-encryption plugin?
The pidgin-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past pidgin-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!
How is this(OTR) different from the pidgin-encryption plugin?
The pidgin-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past pidgin-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!