3.10.2010 16:00, pesco
tags: bitlbee otr crypto privacy
I had a little celebration this week.
After spending some time last weekend bringing
bitlbee-otr up to date with
upstream
libotr,
and another few hours this Friday hunting down a stupid bug,
Wilmer van der Gaast, main developer of
BitlBee,
announced that he will
be merging OTR support into BitlBee's mainline development branch,
ready to go into the next official release.
Keeping my fingers crossed!
This will be the first major code contribution I make to an open source project
that makes it into the official distribution, so I'm pretty excited about that.
But more importantly, it means that starting with the next release,
it should become very easy for BitlBee users to get into the benefit of
end-to-end encryption for instant messaging.
Privacy by default
This is the issue with crypto, specifically in the context of privacy:
All parties involved (two in the case of IM) must have it in order for it
to be useful for either of them.
Lowering the barrier to entry into end-to-end crypto is thus not only
beneficial but crucial to the chance of having a private conversation.
This is precisely what OTR aims for.
It's protocols are designed to set themselves up automagically whenever they
get a chance (cf.
opportunistic encryption
).
The whole experience should be as seamless and transparent to the end user as
possible.
The key is to enable a smooth path (in usage) from no crypto at all to fully
authenticated privacy where no step must present a large hurdle for the end
user. Once the protocols and interfaces are implemented, having the software
available at all becomes the limiting factor.
That's why I'm
really excited about the inclusion in mainline,
apart from seeing my name on the web. ;)
Get it before everyone else!
- You can track its progress on the BitlBee
bugtracker.
- I've updated the project page to reflect the news.
The old branch is now considered obsolete, I'll probably just keep it
for historical reference.
Update:
(2010-10-09) And it's been merged.
