Home » ejabberd Book » Contributions

mod_otr - Man in the Middle module for Off-The-Record

Submitted by ogoffart on Fri, 2007-03-30 11:34

WARNING

This module is still in heavy development and testing. It probably does not work at all.

Name:
mod_otr

Purpose:
Man in the Middle module for Off-The-Record messaging

Author:
Olivier Goffart <ogoffart at kde.org>

Type:
Module

Requirements:
ejabberd 1.1.1, libotr-3.0.0 and one module to log messages (see bellow)

Download:
mod_otr-20070329.tar.gz

This module does the Man in the Middle of the Off-The-Record protocol and messages can be logged. It can be used with mod_logmnesia, mod_logxml, or mod_log_chat (or even mod_archive).

More information in the included README.

Of course, if user checks fingerprints, they will mismatch. This module has been created in order to show that e2e (end-to-end) encryption can't be user friendly, as checking fingerprint is not user friendly).

Related Links

»

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

user-friendliness

Submitted by donny on Sat, 2007-03-31 00:50.

This doesn't "show that end-to-end encryption can't be user friendly." This shows that key verification must be performed over an authenticated medium, which is something we already knew.

There's a difference between user-friendliness and idiot-friendliness.

»
Syndicate content