[guardian-dev] OTR4j and OTRv3

Dev Random c1.devrandom at niftybox.net
Thu Jan 10 03:05:44 EST 2013


On 13-01-09 08:39 PM, Nathan of Guardian wrote:
> On 01/10/2013 10:18 AM, Chris Ballinger wrote:
>> After helping someone write a wrapper for libavcodec using the NDK I think
>> it isn't that difficult to do the bridging, but (if i'm not mistaken) there
> It isn't so much a question of using the NDK or not, as we are already
> fairly committed there with SQLCipher, Tor, GnuPG, etc.
>
> I am more asking is it a healthy thing to have two OTR efforts working
> parallel with libotr as the lead, and OTR4J always playing catch-up, or
> should we commit to bringing and utilizing libotr to Android? Should all
> the crypto-chat clients in the world be based on the same OTR library,
> or should we encourage diversity?

Diversity could be useful to prevent one vuln from affecting everybody. 
On the other hand, many people use both Java and libotr based clients.

>
> As an example, in the case of OpenPGP, we decided not to work on APG in
> favor of GnuPG, because we felt we couldn't keep up with GnuPG, and it
> would be better to have that community invested in Android.

I feel that the current delta is pretty small, and bringing otr4j up to
par is not a big effort compared to the work on the app itself.  Also,
the OTR protocol doesn't seem to be changing very fast.

This may be different in the future if there are things like mpOTR
planned for libotr.

>
> +n
>
>



More information about the Guardian-dev mailing list