On 26/06/13 19:16, Jon Kristensen wrote: > The OTR-inspired and end-to-end secure Yabasta protocol has received a > significant update today. You can see the updated protocol at > <https://github.com/jonkri/yabasta-protocol/>.
Why should implementers prefer this protocol over end-to-end TLS, such as the XTLS RFC-draft? Sell it to us :-) (I do like this better than OTR, because the payload is specifically an extensible XMPP stanza, rather than being constrained to be human-readable text in UTF-8 "optionally with HTML markup", whatever that means.) Most client implementers haven't implemented XTLS, and the RFC-draft for it wasn't finished, because end-to-end security is a lot of work to do well (or at least, that's why nobody has had time to implement it in Telepathy). Is Yabasta any easier, bearing in mind that unlike XTLS, it doesn't appear to be possible to use existing TLS libraries like GNUTLS, NSS or OpenSSL to do the cryptographic bits? > a service discovery feature item of "yabasta-protocol:0" That's not an IETF-registered URI scheme, and neither are the various XMLNSs in your mapping into XMPP. If you own yabasta.com, http://yabasta.com/xmpp/0 might be a more appropriate URI, for instance. (If you don't, please don't it in your examples :-) You probably only need one XMLNS for the whole specification: only the tuple (namespace URI, element name) needs to be unique. Regards, S
