В письме от Суббота, 09-мар-2013 11:16:15 пользователь Александр написал: > В письме от Вторник, 05-мар-2013 10:04:36 пользователь Peter Saint-Andre > > написал: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > I would like to suggest that we change XEP-0027 from Active to > > Deprecated (and then Obsolete). The technology is no longer in wide > > use, and it has so many problems that I don't think we want to > > actively suggest that people implement it. > > > > Peter > > > > > > - -------- Original Message -------- > > Subject: Re: [cryptography] Is it just me or is this fundamentally broken? > > Date: Mon, 04 Mar 2013 18:24:46 -0700 > > From: Peter Saint-Andre <[email protected]> > > To: Peter Gutmann <[email protected]> > > CC: [email protected] > > > > On 3/4/13 4:42 PM, Peter Gutmann wrote: > > > Quoting http://xmpp.org/extensions/xep-0027.html#signing: > > > > > > Signing enables a sender to verify that they sent a certain block > > > of text. [...] The text that is signed MAY be the empty string. > > > > > > (There's no metadata or anything there, just a raw signature). > > > > No one uses XEP-0027 these days, they all use OTR. The PGP integration > > with XMPP clients was an early experiment in the Jabber community > > before we even called it XMPP. Think 13+ years ago. But clients never > > signed empty strings, although we never fixed the spec because no one > > was using the technology. I'll push to make the spec Obsolete. > > > > Peter > > > > _______________________________________________ > > cryptography mailing list > > [email protected] > > http://lists.randombit.net/mailman/listinfo/cryptography > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG/MacGPG2 v2.0.18 (Darwin) > > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > > > iQIcBAEBAgAGBQJRNiWjAAoJEOoGpJErxa2pwBIP+wYbcWb84Iu29W7v2Btyr9IK > > DWyVNW+D3DSj8gj6RWa6Puo/wfGkTcsQLrnjdRbvR2x7rSY/nJ6UNnx8L3hDiM0Y > > m1euxKXNxwLrRu0rlQjoKQcWM7+zYSzstsgYC1uHywFdd2x7ms6Nw8TUTKU6h/eE > > VA4g2ogj/m6LyCEuL8dseea73lofltd2tuJ1rDAcjpKKPtYvY4i67Va7tIj2fpg3 > > d0C+1hMs2+QZ9npfg+v7rA22EPZ2Rm+zWZpXyuVRlbDYZ2VGdkgrOo85FhyGn04G > > AWxlV9n/CkDOKU9JCHfZwovSz3+jJPcgseChtZ5GhwVEw9RLS/f61wAZvDkraLVF > > lh1x9qbO28j5IjZNtWxOoPbxhfh2diIWI1IH28yh9M+eftK/h4INuwUfOaGR3Ryt > > NbgPEcWDvZhoOzk6V9zMOwVn1PkLVM+01V5pnkBRISkPAlTxmENi6WIpvH1xePRw > > 0xduvwdK3Amvsb93e1FK83Kgm8FKi+va3WvFHpkRNVSg1YAMvO8/CO4Y4wC60Wao > > aPzuxefxqAJ2tZCUnxQJd/dufOLgl3EMj2J+dl+j9TWE/n8mjyhN6iXGMr5FV9w9 > > mD7zwurkRW4CmVK7twn54TGdF3QAzAMQ/tQFViTLbdI2qjOl9PbEN4cL4q4M5Fut > > XXI2PIYmhZG5V3UYfN4s > > =/8mE > > -----END PGP SIGNATURE----- > > is here exists any alternative to xep-0027 ?
P.S. how well otr working with offline messages ?
signature.asc
Description: This is a digitally signed message part.
