I think that Peter has contacted you about Jabber trademark. BOCQUET Ludovic An XSF member XMPP Standards Foundation http://xmpp.org/
Le 14/01/2013 17:09, Kevin Smith a écrit : > On Mon, Jan 14, 2013 at 4:02 PM, Info . <[email protected]> wrote: >> aboute securely you are exchange only public keys, not private...... u send >> public keys directly to your opponent by jabber..... (not to any server) >> in this way MITM attack will have no meaning. >> without private keys - nothing is impossible to decrypt... > I assume you mean that the user is not asked to verify the key > fingerprint out of band (else it wouldn't be automatic). If you're not > doing this, how can you guarantee that the public key belongs to the > right person and hasn't been MITMed? Do you mean that the keys are > sent peer to peer, without sending them through the XMPP stream? If > so, how are these P2P connections negotiated? If they're negotiated > over XMPP then the security profile is pretty much the same as if the > keys themselves were sent over XMPP too, isn't it? > > /K > _______________________________________________ > JDev mailing list > Info: http://mail.jabber.org/mailman/listinfo/jdev > Unsubscribe: [email protected] > _______________________________________________ > >
smime.p7s
Description: Signature cryptographique S/MIME
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
