On 11/22/2008 05:39 PM, Ian G:
I see this as an interesting question. There are pros and cons. First con; why would we want to do that? Just use Skype. Or, Nelson talked about AIM having some form of crypto. Also Jabber has something.
Jabber doesn't just have "something", but the XMPP Foundation runs an intermediate CA under the auspices and at the infrastructure of StartCom. Currently it only includes client-to-server and server-to-server encryption, but they are on the way to implement client-to-client encryption as well. All server certificates are (obviously) domain name control validated and the keys are under the control of the server operator - as this is a decentralized network. Similarly client certificates will be validated to be under the control of the XMPP address (looks like an email address) and keys under the control of the user. Small but important difference I thought worth mentioning.
-- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
