[Standards-JIG] PEP - multiple independently publishable items under each namespace

Ian Paterson ian.paterson at clientside.co.uk
Thu Nov 9 00:46:06 UTC 2006


Justin Karneges wrote:
> Why does XEP-136 depend on 189? We've had IM forever now without PKP, 
> I'm not sure why message history would be any more dependent on such a 
> thing.

How else will the server get copies of each of your different public 
keys that you (your various clients) use?

FYI, XEP-0136 specifies that, your server is going to generate a new 
symmetric key for each collection it logs automatically for you. It uses 
the key to encrypt the collection and then throws away the key... but 
not before it has encrypted the symmetric key with all your public keys 
and stored the encrypted keys along with the collection. So, even if 
your server is compromised in the future, your past conversations will 
not be compromised.

- Ian




More information about the Standards mailing list