[Adium-devl] Java-based libraries... a ponder, a thought, an apology

[Augie Fackler]

On Dec 7, 2006, at 9:31 PM, Evan Schoenberg wrote:

>>> 4) Trillan SecureIM compatibility
>>
>> Can't answer to this one.  I only partially looked at it.  Since  
>> Fire had GPG, and then later OTR, I just didn't see the point.  In  
>> terms of implementation, I remember thinking it should be a  
>> plugin, like OTR, but have extra "meta-data" support by the  
>> library to work with it.  I would have to look at how secureIM is  
>> implemented again in order to expound on this idea.
> Indeed -- I don't expect that there's any real reason to implement  
> SecureIM. Multiple encryption methods seems to add a lot of  
> complexity which most users simply don't need.
>
>> Wasn't there something about supporting AIM's encryption for IMs  
>> in there as well?
> I'm not sure... there may well have been.
>

Trillian SecureIM is not all that useful - I'm actually actively  
*opposed* to including support for it in Adium, because it's bad. I  
can't find the site for reference - but the long and short of it is  
that SecureIM has no way of verifying the authenticity of who you're  
talking to...which OTR provides. Honestly, I'd be inclined to say we  
should start broadcasting a capability block for OTR, and encourage  
everyone else to start doing the same - and try and get some real  
clients supporting OTR.

AIM does have their own encryption protocol, using SSL certs for  
verafiability.

Sadly, I'm finally at the point where I think we should bag joscar as  
well - it's been a fun experiment, and was a good way for me to learn  
the codebase - but I think it's time to shelve it.
*sheds a tear*

Augie

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20061207/dcce67c3/attachment.sig>