On 1/3/17 2:55 PM, Travis Burtrum wrote:
Hello all,
I noticed https://xmpp.org/extensions/xep-0234.html#security says:
In order to secure the data stream, implementations SHOULD use
encryption methods appropriate to the transport method being used. For
example, end-to-end encryption can be negotiated over either SOCKS5
Bytestreams or In-Band Bytestreams as described in XEP-0260 and XEP-0261.
Yet 260/261 both say:
https://xmpp.org/extensions/xep-0260.html#security-media
This specification, like XEP-0065 before it, does not directly support
end-to-end encryption of the media sent over the transport.
https://xmpp.org/extensions/xep-0261.html#security-media
This specification, like XEP-0047 before it, does not directly support
end-to-end encryption of the media sent over the transport.
So I at least am very confused, can anyone help? :)
Lance might have other opinions, but I read XEP-0234 as saying "this
isn't the place to look for transport-layer encryption, if it's defined
anywhere it would be in XEPs 260 and 261", whereas the latter specs are
saying "um, our authors haven't defined that yet but maybe we need to be
updated with some proper security methods, eh?"
;-)
Peter
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: [email protected]
_______________________________________________
