[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usage)

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Mar 10 05:32:01 UTC 2004


Your update prompted me to ponder some more about end-to-end encryption in 
Jabber.

There are many aspects to consider, but I think the first one we should solve 
is a way to encrypt / sign full stanzas for one-shot use.  The only thing 
that comes close is xmpp-e2e.  JEP-27 is good for one-shot and offline 
message use, but unfortunately it does not support full stanza security or 
signing.  Also, xmpp-e2e is for use with X.509 and JEP-27 is for use with 
PGP.  The older e2e drafts seemed to be what we wanted...  can we achieve 
this with the newer revisions?  Or is it time to bring this home to 
Jabber-land?

-Justin

On Tuesday 09 March 2004 8:35 pm, Peter Saint-Andre wrote:
> I've completed an editorial review of JEP-0027 (Current Jabber OpenPGP
> Usage) and have made some small modifications that merit updating the
> version number to 1.2; the changelog is:
>
>    Clarified the text in several places; added several more security
>    considerations and known issues. (psa)
>
> http://www.jabber.org/jeps/jep-0027.html
>
> Peter



More information about the Standards mailing list