[Security] XTLS
Justin Karneges
justin at affinix.com
Fri Mar 16 18:06:23 CDT 2007
On Friday 16 March 2007 3:25 pm, Peter Saint-Andre wrote:
> In the XMPP Council meeting held earlier this week, Council member Chris
> Mullins said:
>
> [13:52:55] <Chris Mullins> xTLS scares me to death.
> [13:53:11] <Chris Mullins> I do NOT want to implement that, nor deal
> with the implications of implementing it.
>
> Chris, do you care to elaborate?
>
> It might be helpful to have a stub document that shows what XTLS would
> look like. I'll try to put something together soon, if only for my own
> understanding.
First, what do you mean by XTLS? If you mean you want to define a TLS
variant, in the same way that was done with DTLS, then yes that is a scary
notion (although it is probably no more scary than ESessions).
If by XTLS you mean you want to define a usage of TLS (e.g. base64 encoding
segments of a TLS stream), then that shouldn't be scary at all.
-Justin
More information about the Security
mailing list