On 6/20/05, Tomasz Sterna <[EMAIL PROTECTED]> wrote: > On 6/20/05, Umesh Bywar <[EMAIL PROTECTED]> wrote: > > I am not very familiar with jabber. I have just started reading about > > it. > > I have one question about security in Jabber messenger. > > Jabber is a protocol, not a messenger.
Not 100% true. Jabber Inc's client (http://jabber.com) is in fact called Jabber Messenger. It's possible Umesh was talking about that. > > Does it provide secure communication across network? > > How do you define "secure"? > > Protocol protects you from sniffing using TLS > and from spoofing using SASL/dialback. > > Do you require more security? Yes, we need more information. There are a few different aspects here. Jabber today has the means to be pretty secure because of the above protocol options. However, someone sitting *at* either server can log all the unencrypted packets they want to disk. We don't today have a good end-to-end (e2e) encryption mechanism that would protect you at this lowest level. -- Psi webmaster (http://psi-im.org) im:[EMAIL PROTECTED] http://halr9000.com _______________________________________________ jdev mailing list [email protected] http://mail.jabber.org/mailman/listinfo/jdev
