Am 07.11.2013 15:54, schrieb Alexander Holler:
Am 07.11.2013 14:44, schrieb Andreas Kuckartz:
Alexander Holler:
I didn't speak about production environments. The manifesto affects all
users and a lot of them don't (have to) care about production
environments.
E.g. my server only has to serve my needs and nobody else ones. So I can
make a lot of compromises up to the fact, that I don't care if the NSA
or GHCQ would be dumb enough to snoop on my communications which happens
over my XMPP server (which isn't that much).
But I care if my server wouldn't be able to communicate with other
servers because they require e.g. TLSv1.2.
If a non-production server is communicating with a production server the
combination is a production system. In such cases the production server
must enforce the requirements in the interest of the users of the
production server.
So you want to enforce military grade encryption for all users of XMPP?
It's like the wish to make all the telephone systems to use high
encryption.
Good luck with that. In my humble opinion thats just a way to get rid of
users and therefor a nice but silly dream.
I think a realistic solution is to show users the state of their
communication and therefor make the aware of the fact if e.g. a message
is believed to have traveled secure or unsecure ways.
That's already mentioned in the manifesto and I like that a lot.
A possible solution could be to add an attribute to messages (or all
stanzas) which details the used communication way and the used
encryptions to transport that message/stanza. I don't know if such was
already written down in an XEP, but I would like that a lot.
Regards,
Alexander Holler
_______________________________________________
JDev mailing list
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: [email protected]
_______________________________________________
