to see how the work is ongoing for the OTR feature I did some
tests. After all I'm quite satisfied with the results.
I took the project requirements page at
as a guideline for my tests.
My test setup is as follows:
- openfire as a local Jabber server, configured not to use SSL/TLS
(thanks George for the hint)
- pidgin with OTR plugin as the other IM client
- a complete SC build from the GSoC09/OTR branch (did an SVN update
yesterday evening, now at rev 5782)
- running wireshark to monitor the messages on "the wire"
All tests were done running Linux (openSuse 11.1) and
Java 6 (build 1.6.0_13-b03), 64-bit system
Tests done so far:
- During the tests I could start a private (encrypted) session from
both clients and I could also stop it.
- The SC client starts with private session if the OTR configuration
enables this (default setting)
- The menu entries to start/stop/authenticate/restart the private
session are availabe and working.
- The help functions work, displaying a help page
- The verification of the message using wireshark shows that no plain
text is sent, always encrypted for a privat chat.
- An interface that shows the own key and the foreign key to
authenticate is available and working. Storing of authenticated keys
need to be done (IMHO also pidgin misses this feature, at least
I didn't see an option to store the authentication info)
Open issues (maybe this could be a mis-configuration of OTR inSC):
- when stopping a private chat then SC sends plain data to
pidgin, as expected. If pidgin send plain data then SC receives the
plain data but then immediatley re-starts the private session
mode. This is somewhat irritating, but it is a minor problem.
- The locked/unlocked (encrypted/not-encrypted) indicator in the chat
window seems to be wrong (need to re-check because the automatic
restart of private session, see above)
No tested so far:
- fragmented messages
First conclusion with respect to the GSoC OTR project requirements
(refer to linked project page):
topics 1 - 4 are ok (however, I tested one protocol only)
topic 1: ok
topic 2: ok (re-check for correct display)
topic 3: ok, this includes the subtopics
(available as menus items, need to check the button right-click)
topic 4: ok, help message are shown, not yet tested in every detail
topic 5: not yet tested (how to generated fragmented messages?)
topic 6: partly ok, storage of authenticated keys yet open, where to store?
topic 7: ok, as far as otr4j library is concerned
Note regarding topic 6: IMHO this topic this should be regarded as OK,
storage of keys should be addressed in a more generic way in SC (ZRTP
may re-use this as well to store some ZRTP specific info for contacts).
Hope this report gives you some good vibrations about the OTR feature .