[Standards] C2C TLS

Dave Cridland dave at cridland.net
Mon Nov 24 12:40:24 CST 2008


On Mon Nov 24 17:54:00 2008, Jonathan Schleifer wrote:
> Am 24.11.2008 um 18:50 schrieb Dave Cridland:
> 
>> C2C TLS has numerous carefully audited crypto implementations, and  
>>  one (or two?) test client implementations. Now, arguably, it  
>> might  well have more - I'm not sure how many of the existing  
>> XEP-0174  clients will simply use TLS if offered, which would  
>> count in at  least some respects.
> 
> Please name at least two implementation so I can test those :).
> 
> 
For the crypto layer, any TLS library. These include OpenSSL, GNU  
TLS, as well as numerous others.

For the C2C TLS protocol itself, this is just <starttls/> over a C2C  
XMPP session - are you saying that Gajim won't use TLS on a link  
local session if offered? If not, why not? If so, why does this not  
count?

You know the answers to the remainder of your questions, or else can  
look them up in the archives.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the Standards mailing list