[Security] e2e feedback
Peter Saint-Andre
stpeter at jabber.org
Tue Mar 13 16:07:50 CDT 2007
Peter Saint-Andre wrote:
> We received some initial feedback from an IETF security guru regarding
> encrypted sessions (XEP-0116 etc.). He thinks that, based on our
> requirements, we could simply re-use TLS semantics in XMPP syntax rather
> than define a completely new security protocol (which is considered to
> be a bad idea). Essentially this would treat XMPP as the transport
> layer, so instead of doing TLS over TCP (as we do for channel
> encryption) we would do TLS over XMPP for encrypted sessions between
> endpoints, where we communicate TLS primitives in XML syntax.

Well, or just stuff base64 TLS data into an XML element and hand that
off to OpenSSL, like so:

  <iq from='juliet' to='romeo' type='set'>
    <tls xmlns='urn:xmpp:xtls'>base64-data-here</tls>
  </iq>

/me ponders...

Peter
--
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml
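
The framing sketched in the message above, as an added example that is not part of the original post and is not XSF or XEP code: OpenSSL runs in memory through Python's ssl.MemoryBIO, and its first handshake flight travels as base64 in the `<tls xmlns='urn:xmpp:xtls'/>` element. The helper names, the size cap and the hostname romeo.example are assumptions made for illustration.

```python
import base64
import ssl
import xml.etree.ElementTree as ET

XTLS_NS = "urn:xmpp:xtls"        # namespace taken from the stanza in the post
MAX_PAYLOAD = 16 * 1024 + 2048   # assumed cap: about one TLS record plus overhead


def wrap_tls(data: bytes, sender: str, recipient: str) -> str:
    """Carry raw TLS bytes as base64 text inside an <iq/> stanza."""
    iq = ET.Element("iq", {"from": sender, "to": recipient, "type": "set"})
    tls = ET.SubElement(iq, f"{{{XTLS_NS}}}tls")
    tls.text = base64.b64encode(data).decode("ascii")
    return ET.tostring(iq, encoding="unicode")


def unwrap_tls(stanza: str) -> bytes:
    """Extract TLS bytes from a stanza, rejecting anything malformed."""
    # A real client would take the element from its XMPP stream parser,
    # which already refuses DTDs and entity declarations.
    iq = ET.fromstring(stanza)
    if iq.tag != "iq" or iq.get("type") != "set":
        raise ValueError("not an iq set stanza")
    tls = iq.find(f"{{{XTLS_NS}}}tls")
    if tls is None or len(tls) != 0:
        raise ValueError("missing or malformed tls element")
    # validate=True rejects characters outside the base64 alphabet
    data = base64.b64decode(tls.text or "", validate=True)
    if not data or len(data) > MAX_PAYLOAD:
        raise ValueError("empty or oversized TLS payload")
    return data


def client_hello() -> bytes:
    """Run OpenSSL with no socket attached and return its first flight."""
    ctx = ssl.create_default_context()
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # romeo.example is a hypothetical peer name used for certificate checks
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="romeo.example")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: OpenSSL is now waiting for the peer's reply
    return outgoing.read()


def round_trip() -> bool:
    """True if the ClientHello survives the XML framing byte for byte."""
    hello = client_hello()
    return unwrap_tls(wrap_tls(hello, "juliet", "romeo")) == hello
```

The receiving side would write the bytes from unwrap_tls into its own incoming MemoryBIO and send back whatever OpenSSL places in the outgoing one, so certificate verification and record protection stay entirely inside the TLS library.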