On Sat, 30 Aug 2008 09:47:08 +0200 Bartosz Malkowski <[EMAIL PROTECTED]> wrote:
> Hello! > > Is there any method to encrypt messages between two clients if one of > those client is JavaScript client working in web browser? Hello First, users of Javascript clients don't care about e2e security. Second, can you start direct XMPP connections from Javascript at all? Ok, you could use some in-band connections and even employ some of the crypto stuff but... first applies. Lots of work for no real reason. But if you really want it, the trust model won't work with Javascript anyway (you don't have access to local data). But the SAS method discussed earlier would work. > I can implement RC4 cipher or similar (DES JS implementation exists > as I remember) but key management is very big problem. I can't > implement PGP or x509 key management in JS/Google Web Toolkit. > Maybe Java applet may be a solution? Applet for encryption and key > exchange only. Feels weird. -- Web: http://www.pavlix.net/ Jabber & Mail: pavlix(at)pavlix.net OpenID: pavlix.net
