[Telepathy] an idea for otr

Simon McVittie simon.mcvittie at collabora.co.uk
Mon Oct 11 03:31:50 PDT 2010 

On Mon, 11 Oct 2010 at 09:58:14 +0200, Fabian Schmidt wrote:
> As far as I understand telepathy correctly mission control is used the
> somehow bring together channels between connectors and Gui elements.
> My idea is to append an otr module of some kind to mission control.

(The area of MC's functionality that you're talking about is the
ChannelDispatcher - Mission Control currently implements two Telepathy
modules, the AccountManager and ChannelDispatcher, as a single daemon.)

OTR doesn't really fit in the ChannelDispatcher, no; it should go in
connection managers (protocol backends). The channel dispatcher distributes
*responsibility for* channels around UIs, but the Channel D-Bus object exists
in the connection manager, and the messages themselves don't go through the
ChannelDispatcher, by design (this reduces D-Bus round trips and makes the
components less tightly coupled together).

https://bugs.freedesktop.org/show_bug.cgi?id=29904 tracks development of
interfaces for end-to-end encryption/authentication. It has some generic
interfaces that would be implemented by any connection manager capable of
either XTLS or OTR or something else, plus protocol-specific interfaces
for XTLS (which we think is a more capable solution for protocols where it's
possible). The way I'd anticipate OTR should be supported would be to design
OTR equivalents of the XTLS-specific bits linked from that bug.

I'd also appreciate feedback (preferably on the bug) about any parts of the
generic interfaces that are unsuitable for OTR; hopefully we made them general
enough that both XTLS and OTR can work.

Note that this API is under development and is subject to change, so it's not
too late to make adjustments so it can be used for OTR too, but equally, it's
not guaranteed that it'll stay the same over time.

Here's a quick outline of the proposed API:

Generic objects:

- Channel.Interface.Encryptable is initially available on Text channels
  (eventually, other channel types) and lets you upgrade from plain text
  to either XTLS or OTR or whatever else is available

- Channel.Type.PeerAuthentication authenticates that you are, in fact,
  talking to who you think you are. In XTLS we'd use either X.509
  certificates or SRP. I understand OTR can also do (something similar to)
  SRP?

- Auth.Proposal is a transient object used by Channel.Type.PeerAuthentication
  to do a particular authentication

Specific objects:

- Channel.Interface.XTLS is available on PeerAuthentication
  channels that are implemented using XTLS; for OTR you'd need to design
  a vaguely similar Channel.Interface.OTR

- Auth.Proposal.X509 and Auth.Proposal.SRP are used by
  Channel.Type.PeerAuthentication for X.509 certificate exchange or SRP:
  I don't know what OTR needs here, perhaps Auth.Proposal.SRP is enough?

Regards,
    Simon

More information about the telepathy mailing list