On 06/04/2008 2:13 AM, Dirk Meyer wrote: > > Peter Saint-Andre wrote: > >> About security, what about using something like XTLS? >> http://www.xmpp.org/extensions/inbox/xtls.html > > I was thinking about DTLS, I did not know that there already is > something in the inbox. But not many tls implementations support it, > my python bindings use tlslite which lacks dlls support. I know it is > not a good reason, but since all XMPP clients already support > <starttls> for streams this looks like a simpler idea. And the > overhead IBB + <starttls> is similar to XTLS, with stream compression > in the inside even less. And when not using IBB, it can reduce the > server traffic. I will do some more thinking about this.
Well XTLS is not well-defined yet, but I will turn my attention to it soon. The approach of starttls and then IBB was mentioned by Justin Karneges here: http://mail.jabber.org/pipermail/security/2007-March/000018.html And that seems reasonable to me. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
