[Bug 16891] Telepathy should support OTR encryption

[bugzilla-daemon at freedesktop.org]

https://bugs.freedesktop.org/show_bug.cgi?id=16891

--- Comment #77 from Simon McVittie <simon.mcvittie at collabora.co.uk> ---
(In reply to comment #76)
> 1) handle html, I'm not sure to understand what you mean or why it is that
> important... Maybe you can make the changes that you want?

Looking into it. The more important direction (don't send plain text where HTML
is expected, so that parts of messages that happen to look <a bit like html
tags> aren't silently ignored) is easy, it just needs g_markup_escape_text().

The other direction (don't send HTML where plain text is expected) is more
difficult, but libxml should be able to do it; and if we don't, the failure
mode is that a user sees HTML markup instead of plain text, which isn't *so*
bad.

> 2) Find a solution if we don't want the other end to be able to initiate an
> OTR session without approving it first.

I think a CM parameter is the only way to do this. It'll work for MC-stored
accounts (which includes all Haze accounts and all "unbranded" accounts like
generic Jabber/IRC, even if GOA is used), and for UOA-stored accounts.

I agree that GOA's account parameter storage limitations mean it won't work for
GOA-stored Google Talk or Facebook accounts, or GOA-stored Windows Live
accounts in the unlikely event that Microsoft bring back their XMPP bridge. If
you want communications privacy, Google and Facebook are probably not the ideal
option anyway... and that GOA issue is not something that Telepathy can fix in
any case.

> 3) Fix string spelling. Maybe you can patch them yourself, as I'm not
> native? :)

Sure.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.