On 18.08.2008 at 23:21, Peter Saint-Andre wrote:
> Except that it's an unanalyzed technology.
But it wasn't analyzed with IM in mind, but stuff like HTTPS or IMAPS. For Jabber, we have traffic that is human generated, which allows a lot more attacks. I already named a few of them on the standards list.
> TLS has undergone years and years of analysis and hardening. I like the ideas behind ESessions and real security folks who've glanced at it seem to think it's not entirely dodgy, but that doesn't mean it would withstand a full security analysis.
We would have to see that. If there are some flaws, we could fix them.
> Plus using TLS enables us to re-use code for the client-to-server, server-to-server, link-local, and end-to-end scenarios. I consider that a good thing.
That means that people who are NOT familiar with crypto will use libraries like OpenSSL. Using them in the wrong way can make all encryption completely useless.
With ESessions, Brendan Taylor offered to write a libesessions, a library that you just need to pass the stanzas and it will return the encrypted stanzas. Nothing developers could do wrong here.
-- Jonathan
