-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/17/12 5:57 AM, Александр wrote: > On Пятница, 12-окт-2012 00:46:57 Александр wrote: > > On Четверг, 11-окт-2012 23:33:48 Andreas Kuckartz wrote: > >> Александр: > >>> Hi all, i have implemented encrypted filetransfers in my > >>> realization of xep-027 in new_gpg plugin fro miranda im/ng, >>> but > >>> currently it supported only in miranda, i would like to extend > >>> xep-027 to have defined encrypted filetransfers. is it possible >>> ? > >> > >> Did you look at XEP-0234 ? > >> > >> Cheers, > >> Andreas > > > > not yet, but my method implement encrypted transfers for any type > of filetransfer, not just jingle (which as i know not supported by > most clients currently ?), but my method is very primitive .... > > > > i have looked on XEP-0234 and related XEP's, found only some > information about optional ssl/tls encryption, but this is not > end-to-end, and not pgp like, i mean it's vulnerable to man in > middle attack on server side, ot i have missed something ?
We have not yet defined end-to-end encryption of file transfers. One way would be for the sender to encrypt each stanza to the public key of the recipient, and then chunk out the file using XEP-0047. However, that won't work well for huge files because it will take a long time to transfer the file. Another way would be to run your own trusted file transfer proxy, use XEP-0065, and require SSL/TLS on both ends of the proxy. I'm sure there are other solutions, too (e.g., for a while we were discussing something called XTLS). It's not such an easy problem to solve, but your ideas are welcome. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB+wAoACgkQNL8k5A2w/vxKiACaAxY2RIH+klEmZ8xzYDyOcQKk 0LIAn3X2E0qBvnvDqA9Vv0pnK+FLMmvx =iHZG -----END PGP SIGNATURE-----
