(in my role as Jabber-Net dev... NOT speaking for Jabber, Inc.) I'll probably do what you expected... TLS is close (except for Start-TLS, which is coming soon), and SASL is on the way (mostly waiting on a compliant server implementation to test against).
I'm unlikely to add support for the e2e spec, until and unless pretty much *everyone* else did it first. :) If I had to implement one, I suspect S/MIME might be easier, since I have some existing libraries for that (at least in theory). -- Joe Hildebrand > -----Original Message----- > From: Peter Saint-Andre [mailto:[EMAIL PROTECTED] > Sent: Monday, July 28, 2003 5:04 PM > To: [EMAIL PROTECTED] > Subject: [JDEV] XMPP implementation questions > > At the recent IETF meeting, I was asked to follow up with the > Jabber developer community about obstacles (or resistance) to > implementing certain aspects of the XMPP specs > (<http://www.jabber.org/ietf/>). The IETF folks perceive the > presence of an active developer community as a Good Thing > [tm], so I think they are interested in how likely it is that > the current developer community will implement the specs as written. > > The main topics mentioned to me relate to security, > specifically SASL for authentication, TLS for channel > encryption, and CPIM + S/MIME for end-to-end encryption. Do > people think they will be able to integrate existing > libraries for these protocols into their applications (or > write their own support, as Rob Norris recently did for SASL > in jabberd2)? How likely is it that existing clients will > implement draft-ietf-xmpp-e2e, which uses CPIM and S/MIME for > end-to-end encryption? > > From discussions so far, my sense is that SASL and TLS > support will be added once it's in the jabberd server, but > that client developers are fairly resistant to adding support > for the end-to-end encryption spec given the need to parse > CPIM formats (no existing libraries as far as I > know) and support S/MIME (for which there are libraries, > although the use of S/MIME is not very "Jabberish"). > > Feel free to reply on or off list. > > Thanks! > > Peter > > P.S. Yes, I owe the community an informational document that clearly > defines the differences between XMPP and Jabber for things like > authentication and session initiation. I will write that document > by the middle of August. > > -- > Peter Saint-Andre > Jabber Software Foundation > http://www.jabber.org/people/stpeter.php > > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
