Re: [Standards] end-to-end encryption meeting

Thu, 08 Nov 2007 15:32:56 -0800 

Peter Saint-Andre wrote:
> As you can tell from my submission of the XTLS proposal, the topic of
> end-to-end encryption ("e2e") is once again on the table.
> 
> There is a long history to these discussions. Perhaps I'll write a blog
> entry about it one these days.
> 
> History aside, the main thing is that at the Council meeting next
> Wednesday, e2e will be the primary (and probably only) topic.
> 
> We held a preliminary discussion in the Council room today among some
> folks who are interested (mainly the Board and Council, with invites to
> two people who have implemented Encrypted Sessions and proto-XTLS):
> 
> http://www.jabber.org/muc-logs/[EMAIL PROTECTED]/2007-11-01.html
> 
> The real meeting will be held next Wednesday, November 7 at 19:00 UTC in
> the Council chatroom <[EMAIL PROTECTED]>. The Council room
> is open. Anyone can join the room. If you are interested in (we hope)
> finally solving the e2e issue, please join the meeting on Wednesday (I
> will send out a list of recommended readings soon). Naturally discussion
> on the list before then is more than welcome.

OK, some of us discussed this topic again yesterday:

http://logs.jabber.org/[EMAIL PROTECTED]/2007-11-07.html

Please read the meeting log to see what was discussed.

In general, we decided (again?) that only ESessions and XTLS really make
sense to pursue further (i.e., not OpenPGP, S/MIME, OTR, or xmlenc).

Follow up so far:

1. I chatted with Brendan Taylor and he said he looked into OTR some
more but realized that it would not be any easier than ESessions if we
want to encrypt entire stanzas. He may report further on that.

2. Ian will work on a revised version of XEP-0210 (requirements doc) so
that we can differentiate between what is necessary and what is nice to
have (well, *really* nice to have). The main requirement that people
think falls under nice to have is deniability.

3. We will work to compare TLS against the XEP-0210 requirements. This
may involve talking with some TLS experts at the IETF or elsewhere.

4. We will work to compare ESessions against the XEP-0210 requirements.

Feel free to join the conversation if you care about these issues. :)

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to