On Tue Nov 25 13:00:54 2008, Jonathan Schleifer wrote:
On 24.11.2008 at 19:40, Dave Cridland wrote:
For the crypto layer, any TLS library. These include OpenSSL, GNU
TLS, as well as numerous others.
Aha, so no client implementing C2C TLS at all, I see.
No deployed client implements XEP-0247, no. But implementations of
XEP-0246 are fairly common, since it's used by XEP-0174, and
implementations of TLS are commonplace.
You can contrast this with ESessions, where there's one
implementation of the crypto layer itself, plus one implementation of
the signalling layer.
If you prefer, you might consider XTLS as having a broad base, but
not yet having much above sea-level, whereas ESessions is a narrow
tower - higher, true, but considerably less broad. To represent XTLS
as being entirely unimplemented - you seem to enjoy that - is just
foolishness.
For the C2C TLS protocol itself, this is just <starttls/> over a
C2C XMPP session - are you saying that Gajim won't use TLS on a
link local session if offered? If not, why not? If so, why does
this not count?
Aha, so you count it as an implementation if there is no negotiation
etc? Interesting! You count having nothing as having a full
implementation. Indeed, really interesting!
As evidenced here, you're apparently deliberately missing the point.
If Gajim, for example, negotiates an end-to-end XML stream
(XEP-0246), and then negotiates TLS on top of that (RFC 3920), then
that's most of the heavyweight aspects actually deployed - hardly
nothing. Jingle itself is also well deployed.
The bit that's missing is the XEP-0247 negotiation, basically.
You know the answers to the remainder of your questions, or else
can look them up in the archives.
So nothing changed, all is still like it was before, like I
predicted half a year before?
No, lots has changed in the past six months - that timeframe includes
the publication of the XEPs you appear not to have noticed.
So C2C TLS is dead before it was ever used - no client going to
implement it properly etc?
Everything appears dead before it's used, so this is just fear
mongering. ESessions, too, was dead. Still is, arguably, since only
the one implementation exists, and there's no sign of another on the
way.
Now please tell me how having nothing is better than ESessions.
You already admitted that there's currently nothing.
No, I've clearly stated that we have a heck of a lot more, in some
respects, in XTLS than ESessions, most especially in the foundation
cryptographic layers.
Dave.
--
Dave Cridland - mailto:[EMAIL PROTECTED] - xmpp:[EMAIL PROTECTED]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade