[Council] E2E discussion
dizzyd at jabber.org
Wed Nov 5 13:03:17 CST 2003
-----BEGIN PGP SIGNED MESSAGE-----
This is a flame.
I'm tired of waiting for the perfect e2e encryption mechanism -- it
simply doesn't exist. There seems to be some set of people within the
Foundation who believe that we must have the perfect solution; anything
else is simply unacceptable. However, we have known that e2e is an
important piece of the overall security puzzle for 4 (FOUR!) years now,
and we STILL haven't solved it. For this reason, I wrote JEP-116 in
hopes of providing a reasonable compromise to this problem, one that
people can grok enough to implement, but one that was built on a
proven protocol (SSH, in this case) which people trust for security.
Instead of getting constructive feedback, I've only had back-channel
rumblings/complaints about the JEP and how it didn't attempt to clarify
previous e2e JEPs (that NO ONE understood). I'm sick of this, and it is
behaviour unbefitting the Council.
The Council is responsible for the growth and progress of the protocol.
It is your duty to act as leaders and address issues with all due
haste. Do your job! This e2e discussion has dragged on and has not
I have paused my efforts to push JEP-116 as a de-facto standard by
implementing and encouraging others to implement it, based on feedback
from some Council members that my JEP was not "secure" enough. However,
if the Council does not act decisively on this issue in the next week,
I will resume my efforts to evangelize what I believe to be the best
solution yet presented.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
-----END PGP SIGNATURE-----
More information about the Council