[Standards-JIG] UPDATED: JEP-0136 (Message Archiving)

Ian Paterson ian.paterson at clientside.co.uk
Tue Sep 12 13:52:02 UTC 2006


Olivier Goffart wrote:
>>> If you agree on that , then the <auto/> is not required anymore.
>>>       
>> Sorry, I don't follow your logic. Doesn't the client still need the
>> ability to switch auto-archiving off/on, to switch auto-archiving
>> encryption off/on (and to specify which public key the server should use
>> etc)?
>>     
>
> Only once,  with <pref/>
>   

<pref/> defines _what_ the user wants to log. <auto/> defines _how_ the 
client wants to log (automatic or manual/local, encryption parameters). 
IMHO, <pref/> should not be overloaded with both the _what_ and the _how_.

> Le lundi 11 septembre 2006 20:41, Ian Paterson a écrit :
>   
>> Web clients can have no local config file.
>>     
>
> there is jabber:iq:private for that.
>   

Each client would end up inventing proprietary incompatible protocols. 
That is never good - especially in this case where we already need to 
define a standard prefs protocol as part of JEP-0136.

>> When e2e encryption is 
>> enabled Web clients must use client-logging (manual not auto archiving).
>>     
>
> Why not ?  because of the double encryption ?  not a real problem
>   

Because the Perfect Forward Secrecy requirement for encrypted sessions 
means that _all_ copies of keys are destroyed at the end of the chat 
session (or sooner). Nobody (not even the chat participants) would be 
able to decrypt the double encrypted messages.

- Ian




More information about the Standards mailing list