Hello folks, I'm planning to implement Stanza Content Encryption [1] in QXmpp [2] and I had a more detailed look at the XEP. Here are my open questions / suggestions:
1. The XEP suggests that each encryption method uses a <encrypted/> tag with xmlns='<xep-namespace>'. However, since the <encryption/> element is not defined by SCE, there's no way of recognising a stanza as encrypted using SCE. I could only search for the elements defined by the supported encryptions QXmpp (in my case) knows about. My suggestion would be to define the <encryption/> element in the SCE XEP instead of redefining it in each of the encryption mechanisms. Instead of: <encrypted xmlns="urn:xmpp:super-e2ee:0"> ... </encrypted> I'd suggest something like this: <encrypted xmlns="urn:xmpp:sce:0" encryption="urn:xmpp:super-e2ee:0"> ... </encrypted> 2. The XEP says that messages MUST NOT have an unencrypted <body/> element. This means that I can't include a "fallback body" for clients that don't support SCE. How should I solve this (without violating the XEP)? 3. How should SCE work with XEP-0380: Explicit Message Encryption [3]? Should SCE maybe replace EME at some point (SCE also annotates the encryption method)? Or should it maybe even recommend using EME in combination? 4. Is encrypting a stanza with multiple encryptions allowed (optionally), not recommended or forbidden? Cheers, Linus [1]: https://xmpp.org/extensions/xep-0420.html [2]: https://qxmpp.org [3]: https://xmpp.org/extensions/xep-0380.html _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
