[Security] client-to-client security :: Summary and todo's

Pedro Melo melo at simplicidade.org
Sun Aug 24 02:43:42 CDT 2008


On Aug 23, 2008, at 3:50 PM, Pavel Simerda wrote:

> On Sat, 23 Aug 2008 11:21:55 +0200
> Johansson Olle E <oej at edvina.net> wrote:
>> Ok, I'll try to summarize a bit. With all these very technichal
>> mails flowing around,
>> I might have missed something, so please add/correct/flame as needed
>> - The issue at hand is "how to set up a secure connection between
>> two XMPP clients".
>>    Assume that we do have the ability to set up sessions through a
>> network of XMPP
>>    servers or by using the same server and need to move from that
>> channel to a secure
>>    channel - end to end.
> Btw, is it really necessary to set up secure connections through
> servers? If it is a session, why not IP to IP (peer-too-peer)?

True. The text should be "through a XMPP network". This will include  
P2P XMPP sessions using XEP-0174.

> Or does is the centralization plague of the internet around servers so
> severe that nobody considers direct connections?

big bad conspiracy theory. The servers are out there.

go easy. its just that the usual XMPP connections are c2s, so we  
assume the presence of the server most of the time. Nothing against  
p2p xmpp, really.

Best regards,
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: melo at simplicidade.org

More information about the Security mailing list