[Security] client-to-client security :: Summary and todo's
js-xmpp-security at webkeks.org
Sat Aug 23 08:28:16 CDT 2008
Am 23.08.2008 um 15:12 schrieb Dirk Meyer:
> In that case we need a SOCKS5 proxy or a TURN server. I prefer the
> TURN server but we lack ice-tcp support to use it.
> I also need the server to help me find a TURN server I can use if I
> need one.
Well, I think we shouldn't use Jingle at all for transfering encrypted
messages. It just adds too much complexity IMO and I don't always want
a direct connection. Of course, I could use IBB, but do we really need
Jingle to transfer it in our XMPP stream? The answer is clearly no.
Plus, server admins might block IBB to save traffic, because they
don't want for example Jingle Video traffic transfered in-band and
thus disable Jingle IBB. I'm therefore for not using Jingle as a
transport layer, but have some transport layer for c2c encryption only.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080823/7176d301/attachment-0001.pgp
More information about the Security