[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Tue Aug 19 15:57:08 CDT 2008


Jonathan Schleifer wrote:
> Jonathan Dickinson <jonathanD at k2.com> wrote:
> 
>> (compared to making
>> a new standard which would have no implementations).
> 
> ESessions *HAS* implementations! That's the point I bring up again and
> again against reinventing the wheel and doing something with TLS now!

ESessions has one implementation. As far as I know, we cannot use the 
plural "implementations" w.r.t. ESessions.

>> <encrypted from="joe at foo.org" to="mary at foo.org">
>>  192376123abd078f123aasdjib123khnasd0u123==
>> </encrypted>
> 
> Now you're even talk about breaking XMPP Core compatibility?
> And libotr can't handle arbitrary data, just messages. For which it
> will add HTML escapes if it's plaintext.
>  
>> Originator-Supported
>>       Add <e2e2/> tag to iq query.
>> Receiver-Supported
>>       Recognise <e2e2/> tag and begin e2e2 negotiation.
>> Originator-Unsupported
>>       No changes made.
>> Receiver-Unsupported
>>       No changes to code made, new <e2e2/> tag simply ignored if
>> present. Negotate e2e as normal. Receiver-Unsupported
>> Originator-Supported When first IQ response it aquired,
>> <e2e2>...</e2e2> tag is not present. Continue e2e negotiation.
> 
> libotr uses whitespaces to detect support. It's hardcoded.

And other ugliness.

>> As you can see it kinda works the kinks out itself.
> 
> Doesn't look like that to me.

As far as I can see, OTR doesn't meet the requirements specified in 
XEP-0210:

http://www.xmpp.org/extensions/xep-0210.html

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/19d2d19c/attachment.bin 


More information about the Security mailing list