[Standards] Proposed XMPP Extension: Jingle File Transfer Description Format
stpeter at jabber.org
Wed Feb 7 16:02:55 UTC 2007
Nick Parker wrote:
> Should hashes other than MD5 be supported? While it is plenty for
> checking for corruption, I keep e-hearing about how MD5 is gradually
> approaching becoming compromised (which would be important if, say, you
> were worried about someone hijacking a file-send and sending fake files
> with matching hashes).
> I (tentatively) included support for multiple hash types (SHA512, SHA1,
> MD5, CRC32) to describe files in my own XEP (see
> http://www.xmpp.org/extensions/inbox/fileshare.html), should I have
> instead stuck with MD5-only? At the time, I had figured that support for
> multiple hashes would be a good trade off between ease of implementation
> and support for multiple contexts (as far as desired security).
I kept the format exactly the same as what's in XEP-0096 for the sake of
code re-use in our little bootstrapping process here, but I'm not wedded
to what's in XEP-0096 -- naturally we can change it around to make it
better. And it would be nice to sync up with the format used for Google
Talk file transfer (I chatted with Sean Egan about that late yesterday).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards