-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/28/13 1:41 PM, Jesse Thompson wrote: > Are there more details? Specifically, does "hop-by-hop encryption > using SSL/TLS" require strong association between a domain name and > an XML stream as described in draft-ietf-xmpp-dna-04?
We, as a community, need to figure out what we can do. Realistically, I think we need to prefer authenticated encryption via PKI, POSH, or DNSSEC/DANE and fall back to opportunistic encryption via TLS + dialback. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSbsBrAAoJEOoGpJErxa2pctwP/jVU8p4YpyIU/SRnmQdOvtei /TfYi+OdYHih/40vc5dhZhUouNAQp6MingSye6JoRRLa+WbAy5zaqmceG3LCGOst NtztsjZ42C7+1hNAUvXeI4YmLDRmdcmMfP2L+4l5JYGBHlOcNpC0M5mrJuuTcnoo djrGLvtXDDzegsaDzPMvyzvTbri4DJ9N7QFcjrP6a+rDRC5R0wK94nbf5xOeRENu SAurOsKnFOZf0ioCB//WIzcaetPxCDN1YbqPp2JnWQg17na0bSZopikzZE0JQx5u mrr1yZvllJgzPA4eCrRolmYHJ496ZDaYu/w6JT2DauL8J8UkrDegkPJ4HlNRCVpw Ii2X9OLeSTGVFhvyNSSRgTOZxVzyqzhqSgBPLhKjtZ+rWB/5pPbro5dOP756M3nU zsBXqrWdWqCUlMuQNaovN+/jrX1I1qHoQzpHeD2LvZmXJ9YELvfc1605g5r/Q7lK jRcDj8aYMmp2AYVpcjEFi+98ToYQF5yZTE8EKQBklcOuvrjyGRJG6IawYDilctdl StdOvt2A1KybzBEpyHIqAFkKd3O5GtATge9JYIy5Ze0vGxhpTwhU11uOGIS6iOb+ N/AWEKz5BU30bnWPJ1zzO7tfdnl1JQ5/LZZMn8BUit9MYPf3i+lRliM7fyzlRqy9 prJoIAkA2nBjUj9N5hoO =r0bU -----END PGP SIGNATURE-----
