[Security] PGP (XEP-0027)

Justin Karneges justin at affinix.com
Wed Jun 3 21:39:31 CDT 2009


On Wednesday 03 June 2009 02:35:03 Dirk Meyer wrote:
> Justin Karneges wrote:
> > In my opinion, this is not XMPP's battle.  I think being able to use
> > "off the shelf" TLS libraries is a noble goal, and one we should
> > choose over protocol purity.
>
> Agreed. TLS-SRP makes it easy to specify but I'm open to other
> solutions -- IETF solutions, not self-made.

Yes, using a standards-based security approach is more important than being 
able to use existing libraries.  Ideally we'd manage to satisfy both goals.

I think we have wiggle room as long as what we're suggesting is more of 
a "mash-up" of existing, proven concepts rather than anything revolutionary.

-Justin


More information about the Security mailing list