[Security] PGP (XEP-0027)
justin at affinix.com
Wed Jun 3 21:39:31 CDT 2009
On Wednesday 03 June 2009 02:35:03 Dirk Meyer wrote:
> Justin Karneges wrote:
> > In my opinion, this is not XMPP's battle. I think being able to use
> > "off the shelf" TLS libraries is a noble goal, and one we should
> > choose over protocol purity.
> Agreed. TLS-SRP makes it easy to specify but I'm open to other
> solutions -- IETF solutions, not self-made.
Yes, using a standards-based security approach is more important than being
able to use existing libraries. Ideally we'd manage to satisfy both goals.
I think we have wiggle room as long as what we're suggesting is more of
a "mash-up" of existing, proven concepts rather than anything revolutionary.
More information about the Security