[jitsi-users] OTR public/private key mangement


#1

Hello Pascal,

Thank you for appreciating our work!

About your question - formally, yes, it is possible to share the keys from
the parners on all personal devices and also your own private/public key
pair.
In practice however, doing so is kind of a hack and one shouldn't do it
without a very good reason.

Public/private key pairs are guaranteed to be generated unique across
different devices and even across different instances of Jitsi on the same
device. This guarantees that even if one of the devices gets compromised,
your communication on the other devices will still be protected.

However, if one really wants to, he can go to
Tools->Options->Advanced->Property editor and search for the strings
"publicKey" and "privateKey". (Or search for these properties directly in
Jitsi's sip-communicator.properties file. You can read more about how to
access this file here https://jitsi.org/Documentation/FAQ#jitsi-home).
Copy/pasting all properties that contain "publicKey" and "privateKey" from
one device to another, replacing any old "publicKey"/"privateKey"
properties on the other device should do the trick.

Please be careful with modifying Jitsi configuration properties though.
Changing these advanced settings can be harmful to the stability, security,
and performance of the application. You should only do this if you are
aware of what you're doing.

If you have any further questions please feel free to ask!

Regards,
Marin


#2

It is probably also worth mentioning that we are about to start work
on adding support for OTR protocol version 3-4.0.0 that would make
Jitsi deal better with correspondents that are connected from more
than one location.

You would still need to authenticate every instance separately, but
that's probably less hassle than manually moving your keys.

Cheers,
Emil

ยทยทยท

On Wed, Nov 20, 2013 at 1:34 PM, Marin Dzhigarov <marin@bluejimp.com> wrote:

Hello Pascal,

Thank you for appreciating our work!

About your question - formally, yes, it is possible to share the keys from
the parners on all personal devices and also your own private/public key
pair.
In practice however, doing so is kind of a hack and one shouldn't do it
without a very good reason.

Public/private key pairs are guaranteed to be generated unique across
different devices and even across different instances of Jitsi on the same
device. This guarantees that even if one of the devices gets compromised,
your communication on the other devices will still be protected.

However, if one really wants to, he can go to
Tools->Options->Advanced->Property editor and search for the strings
"publicKey" and "privateKey". (Or search for these properties directly in
Jitsi's sip-communicator.properties file. You can read more about how to
access this file here https://jitsi.org/Documentation/FAQ#jitsi-home).
Copy/pasting all properties that contain "publicKey" and "privateKey" from
one device to another, replacing any old "publicKey"/"privateKey" properties
on the other device should do the trick.

Please be careful with modifying Jitsi configuration properties though.
Changing these advanced settings can be harmful to the stability, security,
and performance of the application. You should only do this if you are aware
of what you're doing.

If you have any further questions please feel free to ask!

Regards,
Marin

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users