[Standards-JIG] The Great Encryption Debate

David Chisnall theraven at sucs.org
Fri Aug 12 13:55:50 UTC 2005

I agree with Ian's post.  It is also important to support existing  
certificates for a reason not really covered:

This gives us access to existing (large) webs of trust.  I already  
have a CA Cert certificate (for example), so this puts me in a WoT  
which contains several thousand people.  Unfortunately, CA Cert  
certificates are currently only associated with email addresses -  
although it would probably be easy for someone in the JSF to persuade  
them to allow signing of JID-based certificates.

By supporting existing webs, we can use this to bootstrap the  
creation of larger Jabber-based webs.  To this end, we could probably  
create a simple server component that tracked people in a particular  
web (irrespective of key-type).  These components would then be  
responsible for tracking connections between webs - when someone  
joins a web, the server asks them what other webs they are in and the  
JID of that web-tracker, the two trackers then communicate and log  
the fact that there are intermediaries between the two webs (and  
create new connections between them).

More information about the Standards mailing list