[Standards-JIG] UPDATED: JEP-0136 (Message Archiving)
Ian Paterson
ian.paterson at clientside.co.uk
Tue Sep 12 08:52:02 CDT 2006
Olivier Goffart wrote:
>>> If you agree on that , then the <auto/> is not required anymore.
>>>
>> Sorry, I don't follow your logic. Doesn't the client still need the
>> ability to switch auto-archiving off/on, to switch auto-archiving
>> encryption off/on (and to specify which public key the server should use
>> etc)?
>>
>
> Only once, with <pref/>
>
<pref/> defines _what_ the user wants to log. <auto/> defines _how_ the
client wants to log (automatic or manual/local, encryption parameters).
IMHO, <pref/> should not be overloaded with both the _what_ and the _how_.
> Le lundi 11 septembre 2006 20:41, Ian Paterson a écrit :
>
>> Web clients can have no local config file.
>>
>
> there is jabber:iq:private for that.
>
Each client would end up inventing proprietary incompatible protocols.
That is never good - especially in this case where we already need to
define a standard prefs protocol as part of JEP-0136.
>> When e2e encryption is
>> enabled Web clients must use client-logging (manual not auto archiving).
>>
>
> Why not ? because of the double encryption ? not a real problem
>
Because the Perfect Forward Secrecy requirement for encrypted sessions
means that _all_ copies of keys are destroyed at the end of the chat
session (or sooner). Nobody (not even the chat participants) would be
able to decrypt the double encrypted messages.
- Ian
More information about the Standards-JIG
mailing list