[Standards] Any protocol to request encrypted connections?
stpeter at jabber.org
Mon Feb 5 21:46:49 UTC 2007
Ian Paterson wrote:
> Matthias Wimmer wrote:
>> Especially if I am not able to do e2e. E.g. because the destination's
>> server does not want to allow e2e encryption because it has to log all
>> exchanged messages, because the message is passing a gateway and we
>> already start to forget RFC 3923, or just because the client is
>> connecting using a web-based interface.
> Yes, you're right. (although Web clients will do full-strength e2e)
> The 'security' field in XEP-0155 allows the sender (or receiver) to
> specify that both clients must be securely connected to their servers.
> But something like XEP-0079 will be necessary for s2s... unless we
> specify in RFC3920bis that servers MUST use SASL-TLS for all s2s
Specs and reality are two separate things. :-) Realistically, we'll have
many unsecured s2s channels for a long time to come.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards