Comment 48 for bug 296867

Yay! Though, I looked over XTLS and I think it's a horrible idea. The worst part of TLS is x.509 certificates for a whole host of different reasons, and one reason OTR works so well is it adopts the ssh model of verification over the stupid x.509 model which doesn't really work for anything but domain names (and even there is way overly centralized).

But OTR support would be good. One issue though is that there is an ad-hoc method for doing OTR over Jabber that several other clients support. It's almost necessary that they support that method as well, and it's not clear that they intend to.