AW: [Security] XTLS
Alexander Gnauck
gnauck at ag-software.de
Sat Mar 17 04:49:56 CDT 2007
Justin Karneges wrote:
> I think you're done. :) Running TLS over an IBB (or similar)
> stream is not
> any different from running TLS over TCP, provided you don't
> have to fight
> your TLS library very much. The client knows when the TLS
> negotiation is
> completed because the TLS library says so.
>
> If we went this route, I'd suggest simply starting an XML
> stream over the TLS
> channel, and using that for stanza exchange. Voila, e2e.
I agree with Justin, it shold be be that hard to implement if your TLS
library gives you access to the stream.
But what about the certificates?
Alex
More information about the Security
mailing list