[Standards] C2C TLS

Jonathan Schleifer js-xmpp-standards at webkeks.org
Tue Nov 25 14:34:30 UTC 2008

Am 25.11.2008 um 14:41 schrieb Dave Cridland:

> Actually, it's not that the problems are ignored, they're simply  
> punted. XEP-0247 simply says "Hey, we'll negotiate something that  
> works", and avoids the entire issue, by design. This is a good thing.
> We're hoping that technologies like ICE-TCP and other transport  
> layer solutions will be developed. This seems pretty reasonable -  
> I'm not convinced by ICE-TCP itself, but we're not tied to TCP, just  
> a reliably ordered stream, which makes life rather simpler. (FWIW, I  
> suspect we could use ICE to setup two-way UDP communications and  
> layer a reliability layer on that - in fact, I think it's been done).
> What any sane person would realise is that XMPP expertise won't help  
> there at all, and that a good design would allow these additional  
> technologies to be designed by others, and simply slotted in post- 
> facto.

IMO, that brings far too much complexity for a such a simple and  
mandatory thing like end-to-end encryption. A dependency on Jingle  
really is too much IMO. It should be so simple to implement, be it  
whether a library like suggest for ESessions or via a very simple  
protocol that everybody can very easily implement, that even the most  
simple client could implement it. Thus have no dependencies on any  
complex XEP etc.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
URL: <http://mail.jabber.org/pipermail/standards/attachments/20081125/3dac6587/attachment.sig>

More information about the Standards mailing list