Hi Mike, On 8/17/09, Mike Kazantsev <mk.frag...@gmail.com> wrote: > > I'm using gajim with TLS-enabled (transport-level encryption) connection > to the servers and built-in GPG plugin to encrypt messages, containing > some auth info, which I occasionally have to pass. > I believe pidgin also had support for such feature via one of the > standard plugins.
Thanks for the information. I've checked the wikipedia page of gajim. It's very interesting, however, I'm not a jabber user. But I'll check it again if any friend of mine is using jabber, since the GPG plugin is very attractive to me. Best regards, Wen > > TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at > the server in question, so it can intercept / mangle the messages, so it > might be good idea to prefer large and reliable servers to > possibly-compromised or malicious small ones. > Furthermore, in case of XMPP, your (source) server is free to pass the > message in unencrypted form to destination server, so message can be > caught by any IP-sniffers on the route. > Then there's also remote client connection, which can be unencrypted > (no TLS/SSL) and likewise intercepted on TCP/IP level. > > GPG encryption requires clients on both sides to support it, but has > benefit that all cryptographic operations are happening on client > machines, so server (or any intermediate host) is unable to spoof > conversation, provided the encryption (GPG) keys aren't compromised. > > -- > Mike Kazantsev // fraggod.net > -- Xianwen Chen Mobile: +86 13774 228909 Email: cxi...@post.uit.no; xianwen.c...@gmail.com
