[Foundation] Let's propose JEP-0046 (DTCP)
crabbkw at nafai.dyndns.org
Wed Dec 4 14:46:41 CST 2002
-----BEGIN PGP SIGNED MESSAGE-----
I'm not familiar with arp spoofing attacks, where I can find more
If what you say is true, then I agree, no need to make authentication
more complicated if it doesn't add security.
| A jabber user who is concerned about people hijacking his DTCP
| should probably start securing his setup by using SSL on the jabber
Indeed, it should be the first step.
| And DTCP can do TLS, which already includes the facility to do strong
| authentication. What we are missing (IMHO) is some generic way to tie
| keys (TLS certificates as well as GPG keys) to jabber IDs.
Any work in this area should also work towards endpoint to endpoint
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Members