Peter Saint-Andre wrote:
We received some initial feedback from an IETF security guru regarding encrypted sessions (XEP-0116 etc.). He thinks that, based on our requirements, we could simply re-use TLS semantics in XMPP syntax rather than define a completely new security protocol (which is considered to be a bad idea). Essentially this would treat XMPP as the transport layer, so instead of doing TLS over TCP (as we do for channel encryption) we would do TLS over XMPP for encrypted sessions between endpoints, where we communicate TLS primitives in XML syntax.
Well, or just stuff base64 TLS data into an XML element and hand that off to OpenSSL, like so:
<iq from='juliet' to='romeo' type='set'>
  <tls xmlns='urn:xmpp:xtls'>base64-data-here</tls>
</iq>

/me ponders...

Peter

--
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml
_______________________________________________ Security mailing list [EMAIL PROTECTED] http://mail.jabber.org/mailman/listinfo/security
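
The hand-off described in the message, as an added example that is not part of the original post: Python's ssl module (backed by OpenSSL) starts a handshake through memory BIOs instead of a socket, and the resulting TLS records travel as base64 inside the stanza. The function names are hypothetical; only the stanza shape and the urn:xmpp:xtls namespace come from the message.

```python
import base64
import ssl
import struct
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

XTLS_NS = "urn:xmpp:xtls"  # namespace taken from the stanza in the message


def client_hello(peer_name):
    """Start a TLS handshake with no socket; return the bytes OpenSSL wants sent."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=peer_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: OpenSSL is now waiting for the peer's reply
    return outgoing.read()


def wrap(tls_bytes, sender, recipient):
    """Carry raw TLS records inside an <iq/> stanza as base64 text."""
    payload = base64.b64encode(tls_bytes).decode("ascii")
    return "<iq from=%s to=%s type='set'><tls xmlns='%s'>%s</tls></iq>" % (
        quoteattr(sender), quoteattr(recipient), XTLS_NS, payload)


def unwrap(stanza):
    """Return the TLS bytes from a stanza; these go into the receiver's incoming BIO."""
    node = ET.fromstring(stanza).find("{%s}tls" % XTLS_NS)
    if node is None:
        raise ValueError("no <tls/> element in namespace " + XTLS_NS)
    return base64.b64decode(node.text or "", validate=True)


def records(data):
    """Split bytes into (content_type, length) per TLS record; reject bad framing."""
    out, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 5:
            raise ValueError("truncated TLS record header")
        ctype, _version, length = struct.unpack_from("!BHH", data, pos)
        if pos + 5 + length > len(data):
            raise ValueError("truncated TLS record body")
        out.append((ctype, length))
        pos += 5 + length
    return out
```

Peer identity in this arrangement still comes from the TLS handshake itself, not from the stanza's from attribute, so the receiving side needs its own certificate or key material before it can answer.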
