[jdev] end-to-end encryption -- making it happen

Peter Saint-Andre stpeter at jabber.org
Tue Jan 9 16:45:21 CST 2007

thomasasta at gmx.net wrote:
> Hello Peter, and List.
> if end to end is in, then servers in jabber are not needed, except
> for bootstrapping. 

It will take years for e2e to take off. So we're not about to throw out 
the servers. Plus there are plenty of environments in which e2e cannot 
be used (e.g., because of regulatory compliance issues). I don't see a 
good reason to throw our client server architecture out the window.

> But there is already the concept to bootstrap
> serverless from a DHT. See www.csapce.in, which as as well a 2048 bit
> encryption impelmented.
> Why is jabber doing the same now, without getting rid of the servers?

See above. It seems to me that we might as well use what we've got 
rather than starting over. If we wanted to do that, we could just use 
CSpace. But getting millions of Jabber users to migrate to CSpace 
doesn't like easy. :-)

>  IMHO e2e has to be implemented hand in hand with bootstrapping from
> a DHT. 

Got reasons?


Peter Saint-Andre
Jabber Software Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20070109/ac279914/attachment-0002.bin>

More information about the JDev mailing list