-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
So the lack of OTR support in Instantbird is nearly a dealbreaker for me, as it makes it a bit more likely than a rogue exit could intercept a user's communications. Though this depends in part on SSL/TLS support and whether a user *actually enables* it in their settings.
Would the plan be to create and test a reliable OTR patch for Instantbird?
Pidgin's big issue before was DNS leaks. How is this addressed by Instantbird? (okay, there are a few big issues with Pidgin but...)
I like Instantbird's UI, but we should come up with a plan to set proper defaults.
~Griffin
Mike Perry & Sukhbir Singh wrote:
- No OTR support yet
- OTR support tickets: https://bugzilla.instantbird.org/show_bug.cgi?id=877 https://bugzilla.mozilla.org/show_bug.cgi?id=779052
- For a stopgap/prototype: We can use the js-ctypes wrapper of libotr along with the message observer API
- Example observer API use w/ rot13: http://hg.instantbird.org/addons/file/tip/rot13
- JS-Ctypes wrapper for native libotr:
http://gitorious.org/fireotr/fireotr/blobs/master/chrome/content/otr_wrapper...
+ The ctypes wrapper can be converted to an XPCOM wrapper later. + According to sshagarwal #maildev on irc.mozilla.org, Mozilla is also working towards implementing all of the primitives needed
for OTR (and OTR
itself) in NSS. These are listed in this comment: https://bugzilla.mozilla.org/show_bug.cgi?id=779052#c17 + We could also rely on the ctypes wrapper until native support is available, and possibly skip an XPCOM libotr wrapper entirely.
- -- "Cypherpunks write code not flame wars." --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: saint@jabber.ccc.de
My posts are my own, not my employer's.