Robbie Hanson wrote:
> XEP-0065 (Socks5 Bytestreams) states in the "security considerations"
> section that "negotiation of [SSL/TLS] is outside the scope of this
> document". I believe this is no longer valid. For example, consider
> XEP-0189 (Public Key Publishing), and how the XMPP protocol could be
> used to help enable TLS encryption using self-signed certificates.

XEP-0189 is only part of a larger security concept.
http://www.ietf.org/internet-drafts/draft-meyer-xmpp-e2e-encryption-01.txt
defines a TLS based security layer for Jingle and together with XEP-0260
you get a secure SOCKS5 stream for all Jingle applications (e.g. TLS for
file transfer XEP-0234).

> <iq type='result'
>     from='[email protected]/bar'
>     to='[email protected]/foo'
>     id='initiate'>
>   <query xmlns='http://jabber.org/protocol/bytestreams'>
>     <streamhost-used jid='streamhostproxy.example.net'/>
>     <publicKey>5AF9...[publicKeyInHex]...2C4</publicKey>
>   </query>
> </iq>

This is all done in draft-meyer-xmpp-e2e-encryption-01.

Dirk

--
"There is no law requiring me to make sense."
