[Standards-JIG] Many to many e2e encryption (JEP-116)

Pierre THIERRY nowhere.man at levallois.eu.org
Fri Nov 25 18:42:34 UTC 2005


Scribit Ralph Meijer dies 25/11/2005 hora 13:23:
> Sure, this is possible, but it requires cooperation of the MUC
> service.

Yes, of course. There are possible scenarios, I think, without this
cooperation, but I suspect they would be sources of headaches more than
flexibility...

> Also note that since you are depending on the MUC service to reencrypt
> messages, your communication is not end-to-end secured any more. This
> requires trust in the MUC service.

Yes. I ask about this scenario because it is already in use in the mail
world. But the problem is a bit different there, because the mail
user-agent doesn't know the suscriber list, and sometimes can't (or
can't have a exhaustive one).

IIUC, with MUC, the Jabber end user always know who is in the room, so
this could be avoided.

This is the lesser secure scenario, but the easier one and the only able
to scale to any number of participants in the room, also. This is the
main reason I think it should exist.

Scalably,
Nowhere man
-- 
nowhere.man at levallois.eu.org
OpenPGP 0xD9D50D8A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051125/ba82bf6f/attachment.sig>


More information about the Standards mailing list