[Standards] end-to-end encryption meeting
Peter Saint-Andre
stpeter at stpeter.im
Wed Nov 7 12:45:23 CST 2007
Hi Justin!
Thanks for your perspective, and sorry for the delayed reply.
Justin Karneges wrote:
> So, here's a question: can we create a protocol that allows the same user
> experience as OTR, but instead is based on something proven? I believe the
> answer is yes. Both RFC 3923 and XTLS would allow for an identical user
> experience as OTR. Sure, these systems may have different underlying crypto
> featuresets than OTR (e.g, neither have deniability), but they are featureful
> enough for most purposes.
>
> Does this mean we should abandon esessions? I don't think so. It offers the
> ultimate set of features that we would like to have eventually, and it takes
> advantage of XMPP in ways other protocols can't. It is looking to the
> future. However, it doesn't offer any user experience improvements over the
> other options (except for perhaps its use of SAS, but I'd like to investigate
> if we can do that in an S/MIME or TLS context before granting that). With
> that in mind, we could develop a system that is good enough today *and* that
> the user can fall in love with. We don't need OTR or esessions to have such
> a system.
Well, that is the question. Perhaps we can find a way to some answers
during the meeting that starts in 15 minutes. :) I hope you'll be there:
http://www.xmpp.org/council/agendas/2007-11-07.html
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20071107/a98e1d24/attachment.bin
More information about the Standards
mailing list