[Standards-JIG] Re: The Great Encryption Debate

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Aug 3 08:21:15 UTC 2005


On Wednesday 03 August 2005 12:40 am, Nolan Eakins wrote:
> Peter Saint-Andre wrote:
> > So I propose that we initiate "The Great Encryption Debate". Any and all
> > proposals are on the table. Let's publish Justin's "Secure Stanzas"
> > proposal. Let's publish a proposal based on W3C XML Encryption and XML
> > Signature [4] if someone wants to write such a proposal. Let's debate
> > the merits of RFC 3923 and JEP-0027. Let's talk about the Off-the-Record
> > Communications (OTR) plugin for Gaim. [5] Let's discuss JEP-0116. [6]
> > But let's not just talk, let's also implement. (I apologize in advance
> > for the fact that I'm not a good coder, but I'll try to help if I can.)
>
> Had to give some context, but I have a feeling this will only be about
> stanza level encryption. We must not forget file transfers, socks5 byte
> streams, a future VoIP protocol, etc. All of these should use the same
> infrastructure.

Good point.  I've written up something about this already:
  http://delta.affinix.com/docs/secure-jep65.html

I like this method because it gives your file transfer, voip, etc, the same 
security as your chat over jabber.  This means stanza e2e gives you file 
transfer e2e.  And if you're sharing the same server with SSL and not using 
e2e, then you get the expected security there too.

-Justin



More information about the Standards mailing list