[Standards-JIG] JEP-0008 vs. JEP-0027
jabber.org at ralphm.ik.nu
Mon Apr 26 15:58:52 UTC 2004
On Mon, Apr 26, 2004 at 09:50:03AM -0600, Joe Hildebrand wrote:
> Yes, as soon as we agree on a replacement.
> Note that there is no actual need for the presence to be signed anymore,
> other than for backward-compatibility. It doesn't provide any real
> security, since it's subject to replay attacks, JEP-115 is a better way to
> signal the capability to do PGP, and pub/sub is a better way of finding and
> distributing keys.
Ah, so true. I thought about this while pressing 'y' for sending the other
message. ;-) Then again, apart from the security aspects, my statement stands.
More information about the Standards