See my other mail for additional information, I just want to answer your questions very quickly:
Jonathan Schleifer wrote: > 1.) What is the current state of the XEP? Is it even a XEP now? Open a stream with either XEP-0174 or XEP-0247 and use starttls. To help you with that we have XEP-0250 and XEP-0189. > 2.) How many clients implement it? If any, which? I guess only my lib right now. > 3.) If there are clients, do they use direct connections or use > Jingle's inband mode? Right now only IBB, ICE-TCL will be implemented when it is ready > 4.) How was the SAS problem solved, if it was solved at all? If not, > how will it be solved? We only use what TLS provides. There is no SAS in TLS ATM, so no SAS support. TLS-SRP is your choice to authenticate someone. > 5.) How much work was it to implement it? Was it really "just 5 > minutes of work" as some said in the discussion before? We you only count XEP-0247 with an implementation that already had link-local support, than I needed about 1 hour to code it. XEP-0250 cost me some time to find a TLS lib that provides more than just X.509 certificates on Python level (openssl and gnutls support everything we need, but the Python bindings lack support for OpenGPG and SRP support). Implementing the XEP took about 3 hours of work. > 6.) I predicted that it will still take a long time until C2C TLS will > reach the state ESessions now has. To me, it seems my prediction was > right. Anything I overlooked? I point to Dave's answer in this matter. The state of the XEP is "working" (I tested it) and client support is still missing. Compared to only one client using ESessions, it isn't that bad. If only one client implements ESessions after it is around for a longer time, it doesn't look good for it. If the TLS based solution has no client support after one year it was first published, I agree, it is also a failure. Dirk -- Computer Science: solving today's problems tomorrow.
