[Standards] Any protocol to request encrypted connections?

Matthias Wimmer m at tthias.eu
Tue Feb 6 18:22:12 UTC 2007


Mridul schrieb:
> So essentially user wants to ask server if route to contact is secure.
> For now ...
> 1) user to server over tls.
> 2) server to remote server over tls. (if remote).
> 3) contact to server over tls.
> 
> 
> 1 can be answered by user's client, 2 can be answered by user's server, 
> 3 can be answered by a disco (new one?) to contact/remoteserver.
> Not sure how this will work in case of intermediaries hosting contacts 
> though.

Query/answer won't work for this very well - the sender could not be 
sure if the characteristics of the link will change between the query 
and the other stanza it sends.

It should be something like a shim header to be added to a message. Each 
relay on the way would have to check if the next relay supports this 
shim header. If it doesn't it will bounce the stanza back (without it's 
content as the way back might have other characteristics as well). If 
the next relay supports it, it will forward it if the link to this next 
relay is protected, if not same as if the next hop does not support the 
shim header.


Matthias

-- 
Matthias Wimmer      Fon +49-700 77 00 77 70
Züricher Str. 243    Fax +49-89 95 89 91 56
81476 München        http://ma.tthias.eu/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4263 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070206/0581c3a9/attachment.bin>


More information about the Standards mailing list