[Security] TLS Certificates Verification
js-xmpp-security at webkeks.org
Tue Aug 19 03:13:11 CDT 2008
Am 18.08.2008 um 23:34 schrieb Eric Rescorla:
> (2) What protocol it's embodied in.
Well, what I don't understand: We already have ESessions. Why do we
need another protocol now? ESessions offers nearly everything you can
think of. It offers public keys, but you can also use secrets instead
of public/private keys. It offers SAS, but also fingerprints. It
allows a variety of algorithms etc.
IMO, it offers all we need. All that's missing is a cryptanalysis for
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/c2360840/attachment.pgp
More information about the Security