[Standards-JIG] JEP-0136: Message Archiving

Michael Long Michael.Long at cornerstone.net
Wed Jan 18 16:33:27 UTC 2006


Tomasz Sterna said:
> 2006/1/17, Michael Long <Michael.Long at cornerstone.net>:
> 

[...snip...]

> As for privacy - I think public key encryption is enough to ensure the
> message privacy.

I don't quite follow the above comment. Which aspect of the standard/
suggestions does that comment apply?

> End-2-End decryption key could be stored in the same message archive
> as a body-less message, for the client to retrieve it later. Pubkey
> encrypted of course.

I am assuming you are referring to server autoarchving. Can you give
an example message of which you speak?

I was thinking that the client could send a message similar to the
following:
<iq type='set' to='montague.net'>
  <config xmlns='http://jabber.org/protocol/archive'>
    <key with='juliet at capulet.com'>
      bfXv33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQAB
    </key>
  </key>
</iq>

The value of the <key/> node indicates the key used to encrypt the
conversation with juliet at capulet.com. Of course, the key should
be encrypted, so there would be more attributes in the <key/> node,
such as keyalg, dataalg, and key (confusing attribute name). Also,
I would think that the key should be scoped (to a thread?). As I
have mentioned before, I am not versed in encryption techniques,
so this may not make any sense.

> And I believe it belongs to another JEP. It's an optional
> functionality of server that may, or may not exist alongside with
> JEP-0136. It could be mentioned in JEP-0136 though.

The more I think about it, I agree. Server autoarchiving, whether it
be the start/stop method or some other method should probably be in
a separate JEP, which extends JEP-0136. It is more important to get
JEP-0136 approved and not delay it with this autoarchiving concept.


-- 
Michael J. Long

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3576 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060118/9d46e33f/attachment.bin>


More information about the Standards mailing list