On 22.12.2014 19:16, Sam Whited wrote: > On 12/22/2014 11:28 AM, Bartosz Małkowski wrote: >> I'm not sure we should start new XMPP stream covered by OTR. It >> depends on what we want to do. We can't hide that communication >> between A and B happens. Does encrypting whole stanzas is worth of >> complications?
> eg. after the initial setup / stream initialization: > > <!-- All messages looks like this to the server. Nothing else gets > sent unless it's in the OTR stream. --> > <message to="B" from="A" type="otr"> > ---OTR-ENCRYPTED--- > <something>could be any type of XMPP message</something> > ---END-OTR--- > </message> I see two design issues. You already mentioned the custom type value. Never invent new values for defined (top level) elements or new attributes (XEP-0134 § 2.1). Also your custom (OTR) payload should (must?) be encapsulated into a extension element. So your example becomes: <message to='[email protected]'> <otr xmlns='urn:xmpp:otr:1'> <!-- OTR payload here --> </otr> </message> - Florian
signature.asc
Description: OpenPGP digital signature
