Handling the receive of TLV type 1 Disconnected #17

Open
claucece opened this issue Aug 10, 2019 · 1 comment
@claucece

In previous OTR versions, receiving a disconnected TLV would put the
state machine into a "FINISHED" state. A client in this state would
refuse to send new messages from the user until the user explicitly
indicated that they understood the conversation was over.

The rationale was to prevent the following scenario:

  • Alice's client sends a disconnected TLV to Bob's client
  • Bob types a secret message into his client's textbox and begins to move his hand toward the "send" button
  • Bob's client receives the disconnected TLV and enters an "unencrypted" state
  • Bob presses the "send" button
  • Bob's client sends an unencrypted message that Bob intended to be sent securely

Previous OTR clients handled this situation by refusing to send Bob's message until he indicated that he understood the encrypted conversation was over, and then re-sent the message (or not). There are other UX choices that can be made here, but they must prevent this accidental leakage scenario.
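
The FINISHED-state behaviour described in this issue, as an added example that is not part of the issue or of any OTR implementation's code: a minimal C state machine in which a received disconnected TLV blocks sending until the user acknowledges the end of the conversation. All type and function names are hypothetical, and falling back to plaintext after the acknowledgement is an assumption.

```c
/* Added example; all names are hypothetical, not from any OTR code base. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define TLV_DISCONNECTED 1 /* TLV type 1, as in the issue title */

enum conv_state { ST_PLAINTEXT, ST_ENCRYPTED, ST_FINISHED };
enum send_result { SENT_ENCRYPTED, SENT_PLAINTEXT, NOT_SENT };

struct conv {
    enum conv_state state;
    const char *held; /* message blocked while FINISHED, or NULL */
};

/* Peer ended the session: enter FINISHED, never drop straight to PLAINTEXT. */
void conv_receive_tlv(struct conv *c, int tlv_type) {
    if (tlv_type == TLV_DISCONNECTED && c->state == ST_ENCRYPTED)
        c->state = ST_FINISHED;
}

/* User pressed "send". In FINISHED nothing leaves the client. */
enum send_result conv_send(struct conv *c, const char *msg) {
    switch (c->state) {
    case ST_ENCRYPTED: return SENT_ENCRYPTED;
    case ST_PLAINTEXT: return SENT_PLAINTEXT;
    default:
        c->held = msg; /* keep it so the UI can offer a resend */
        return NOT_SENT;
    }
}

/* User explicitly acknowledged that the encrypted conversation is over.
 * resend=true releases the held message unencrypted; false discards it. */
enum send_result conv_acknowledge_end(struct conv *c, bool resend) {
    if (c->state != ST_FINISHED) return NOT_SENT;
    const char *msg = c->held;
    c->held = NULL;
    c->state = ST_PLAINTEXT; /* assumption: plaintext after acknowledgement */
    return (resend && msg) ? conv_send(c, msg) : NOT_SENT;
}

int main(void) {
    struct conv c = { ST_ENCRYPTED, NULL };
    conv_receive_tlv(&c, TLV_DISCONNECTED);                   /* Alice disconnects */
    enum send_result r = conv_send(&c, "constructed secret"); /* Bob presses send */
    printf("blocked=%d state_finished=%d\n", r == NOT_SENT, c.state == ST_FINISHED);
    return 0;
}
```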

@claucece

See: otrv4/pidgin-otrng#69
