[Security] client-to-client security :: Summary and todo's
pavlix at pavlix.net
Sun Aug 24 03:56:20 CDT 2008
On Sun, 24 Aug 2008 08:43:42 +0100
Pedro Melo <melo at simplicidade.org> wrote:
> On Aug 23, 2008, at 3:50 PM, Pavel Simerda wrote:
> > On Sat, 23 Aug 2008 11:21:55 +0200
> > Johansson Olle E <oej at edvina.net> wrote:
> >> Ok, I'll try to summarize a bit. With all these very technichal
> >> mails flowing around,
> >> I might have missed something, so please add/correct/flame as
> >> needed
> >> - The issue at hand is "how to set up a secure connection between
> >> two XMPP clients".
> >> Assume that we do have the ability to set up sessions through a
> >> network of XMPP
> >> servers or by using the same server and need to move from that
> >> channel to a secure
> >> channel - end to end.
> > Btw, is it really necessary to set up secure connections through
> > servers? If it is a session, why not IP to IP (peer-too-peer)?
> True. The text should be "through a XMPP network". This will include
> P2P XMPP sessions using XEP-0174.
Ok. This is not the wording I care about so much. But the e2e nature of
connections suggest the c2c over c2s-s2c has no real advantages as a
> > Or does is the centralization plague of the internet around servers
> > so severe that nobody considers direct connections?
> big bad conspiracy theory. The servers are out there.
I don't see any conspiracy.
XMPP with servers is a natural choice as you need to store your data
somewhere and share one account for many places and application. I
would just stick with c2s only where it's appropriate.
> go easy. its just that the usual XMPP connections are c2s, so we
> assume the presence of the server most of the time. Nothing against
> p2p xmpp, really.
If you mean a server-less XMPP on the internet (not link-local), I
believe it would be an interesting experiment. But in practice... a
local Jabber server seems good enough, at least for people with domain
I am more interested in security features and p2p features of
the otherwise server-centric XMPP network.
> Best regards,
Jabber & Mail: pavlix(at)pavlix.net
More information about the Security