stpeter at stpeter.im
Sat Aug 30 16:11:18 CDT 2008
Dirk Meyer wrote:
> "Jack Moffitt" wrote:
>>> Ok, you could use some in-band connections and even employ some of the
>>> crypto stuff but... first applies. Lots of work for no real reason.
>> BOSH exists and supports TLS. It's also widely implemented.
> And with Jingle to start e2e you can use IBB. XMPP over IBB over XMPP
> over BOSH. But I have no idea if you could use the normal starttls
> over that stream. How does BOSH handle this? Use TLS on the HTTP layer
> or use starttls?
The BOSH spec recommends using channel encryption between client and
server at the HTTP (transport) layer, not the XMPP-over-HTTP (BOSH)
layer. However for e2e encryption you could do STARTTLS for the e2e
stream and the BOSH layer wouldn't care about that because it all
happens in (say) IBB payloads.
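The layering described in this message, shown as an added example that is not part of the original post: a real TLS ClientHello for the e2e stream is generated offline, base64-wrapped in an IBB (XEP-0047) `<data/>` element, and carried inside a BOSH (XEP-0124) `<body/>`. The JIDs, session ids, `rid` value and peer name are constructed placeholders, and carrying the IBB data in an `<iq/>` is an assumption of this sketch.

```python
import base64
import ssl
import xml.etree.ElementTree as ET

IBB_NS = "http://jabber.org/protocol/ibb"        # XEP-0047
BOSH_NS = "http://jabber.org/protocol/httpbind"  # XEP-0124
CLIENT_NS = "jabber:client"


def e2e_client_hello(peer_name="peer.example"):
    """First TLS flight of the e2e stream, produced in memory (no network)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=peer_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the handshake now waits for the peer's reply
    return outgoing.read()


def wrap_in_ibb(tls_bytes, to_jid, ibb_sid, seq):
    """Put opaque e2e TLS bytes into an IBB <data/> element inside an <iq/>."""
    iq = ET.Element(f"{{{CLIENT_NS}}}iq",
                    {"type": "set", "to": to_jid, "id": f"ibb{seq}"})
    data = ET.SubElement(iq, f"{{{IBB_NS}}}data",
                         {"sid": ibb_sid, "seq": str(seq)})
    data.text = base64.b64encode(tls_bytes).decode("ascii")
    return iq


def wrap_in_bosh(stanza, rid, bosh_sid):
    """BOSH only sees a stanza; this body would travel in an HTTPS POST."""
    body = ET.Element(f"{{{BOSH_NS}}}body", {"rid": str(rid), "sid": bosh_sid})
    body.append(stanza)
    return ET.tostring(body)


def peer_unwrap(bosh_body):
    """Receiving end: recover the e2e TLS bytes from the IBB payload."""
    # Input here is built locally; parse untrusted XML with a hardened parser.
    data = ET.fromstring(bosh_body).find(f".//{{{IBB_NS}}}data")
    return base64.b64decode(data.text)


if __name__ == "__main__":
    hello = e2e_client_hello()
    wire = wrap_in_bosh(wrap_in_ibb(hello, "juliet@example.com/balcony",
                                    "e2e-constructed", 0), 1, "bosh-constructed")
    print(len(hello), "TLS bytes ->", len(wire), "bytes of BOSH body")
    print("round trip ok:", peer_unwrap(wire) == hello)
```

The transport TLS between client and connection manager would protect the HTTP request carrying this body; the ClientHello inside the IBB payload belongs to the separate e2e session and is opaque to the BOSH layer.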