[guardian-dev] otrchat/gibber git reorg

Hans-Christoph Steiner hans at at.or.at
Mon Jan 17 19:12:18 EST 2011


On Jan 17, 2011, at 5:51 PM, Nathan Freitas wrote:

> On 01/17/2011 04:20 PM, Hans-Christoph Steiner wrote:
>> The hang up now is sorting out the design of the OTR in the Android
>> Remote Service and AIDL stuff.  Anyone know this stuff well and can  
>> give
>> us advice on how best to structure it?  Its not so straightforward,  
>> and
>> someone's experience could show us the direct path thru the whole  
>> thing :)
>
> I +1 on this idea, too, but think we could implement this better as an
> Intent. Essentially, your app would simply provide the buddy/contact
> name, your account identifier, and the text you would like to send  
> to them.
>
> Intent i = new Intent();
> i.setAction("info.guardianproject.gibber.SEND_MESSAGE");
> intent.putExtra("to","trustyfriend");
> intent 
> .putExtra 
> ("authkey 
> ","SOME_SORT_OF_KEY_GENERATED_WHEN_YOU_ENABLE_APP_FOR_GIBBER");
>
> intent.putExtra("message","i am at the combination pizza hut/taco  
> bell");
> context.sendBroadcast(i);
>
> Seems pretty simple, but something we'd need to be assure couldn't be
> abused.
>
> BTW, we already have one of these built into Orbot for requesting a
> hidden service to be enabled on a specific port for third-party apps,
> and the intent will return a .onion address for you.


That could be a nice simple way to do it.  How would the external app  
then receive a message via gibber/otrchat?

 From what I see from the Intent approach, the external app sending  
the message will then have to entirely assume that the message  
encryption is going to be handled by gibber/otrchat.  That means then  
in order for this Intent to be guaranteed to be an encrypted message,  
gibber/otrchat will have to only maintain OTR-encrypted sessions.  So  
if gibber can't establish an OTR connection, could gibber then bounce  
the error back to the external app via the Intent?

.hc


----------------------------------------------------------------------------

If you are not part of the solution, you are part of the problem.




More information about the Guardian-dev mailing list