[Security] TLS Certificates Verification

Dirk Meyer dmeyer at tzi.de
Wed Aug 20 09:27:05 CDT 2008


Jonathan Schleifer wrote:
> Am 19.08.2008 um 23:37 schrieb Peter Saint-Andre:
>> You'll notice that this is exactly what we already do for XMPP as
>> defined in RFC 3920. It's just that for end-to-end streams the
>> transport might not be a direct TCP connection as in RFC 3920.
>
> This is hacky as soon as we use it in-band, as that means we need to
> escape it somehow, and that'll most likely be Base64.

Yes. If we only have IBB it will be Base64. Jingle will try to use
something else but it may not be possible. I see no way around this
problem, not matter what encryption we use. ESessions also use Base64,
with Jingle-Streams we have at least a chance not to.


Dirk

-- 
program, n.:
	A magic spell cast over a computer allowing it to turn one's input
	into error messages.  tr.v. To engage in a pastime similar to banging
	one's head against a wall, but with fewer opportunities for reward.


More information about the Security mailing list