[Standards] Any protocol to request encrypted connections?
jabber.org at ralphm.ik.nu
Tue Feb 6 16:26:13 UTC 2007
On Tue, 2007-02-06 at 16:19 +0000, Richard Dobson wrote:
> > why not jingle and use p2p udp with encryption of text? but to be
> > honest sharing gpg keys between endpoints works well for me
> I have a feeling that wont work for what Matthias wants, I believe he
> wants a method of ensuring the messages are delivered over encrypted
> connections along the way but keeping the ability of servers to be able
> to log those messages for compliance reasons, so any form of e2e where
> the servers cannot decode the content is pretty much out in this situation.
Given that you would need to trust all entities in the path between
end-points, I expect a better (only) approach would be to only route e2e
encrypted traffic that can also be decrypted by the logging server, or
The actual question then becomes: what is the threat model? What
security aspects are you trying to tackle? Secrecy (outside the
communicating entities and the logging server), non-repudiation, etc?
More information about the Standards