-
OTR is based on OpenPGP while OMEMO is “homemade from scratch”
-
OTR is mainly for 1 to 1 chat while OMEMO mainly for group chat, the problem with group chat is key distribution and verifying is a lot less secure by nature than 1 to 1.
-
OMEMO key verification is more complex and slips in comparing fingerprints by newbie users are very well possible, even advanced users can’t properly verify fingerprint unless they meet in real life or send their fingerprint over another platform, OTR on other hands uses Socialist millionaire protocol instead where users can set human readable questions to other party to verify their identity, aka key-fingerprint. TL;DR:
This feature makes it possible for users to verify the identity of the remote party and avoid a man-in-the-middle attack without the inconvenience of manually comparing public key fingerprints through an outside channel.
-
OMEMO wiki states it provides deniability which is not true, OMEMO does not provide good deniability “Deniability: X3DH is weakly offline deniable and provides no online deniability, as far as the research shows.”
-
OMEMO wiki again falsely states perfect forward secrecy which again is totally false “It has been demonstrated that OMEMO provides only weak forward secrecy (it protects the session key only once both parties complete the key exchange).”
-
OTR is more mature and a lot of popular projects are based on it such as Signal
-
OTR messages are smaller in size thus faster sending and receiving
-
OTR does not save message history, while in OMEMO and clients that support OMEMO it is usually impossible/very hard to disable message history
There are probably other reasons that I missed, but those are most of major ones of why OTR is better than OMEMO
@Patrick This post should be added as warning in the Wiki