[Standards] Proposed XMPP Extension: Simplified Encrypted Session Negotiation

Ian Paterson ian.paterson at clientside.co.uk
Wed May 30 19:15:50 UTC 2007


Peter Saint-Andre wrote:
> Ian Paterson wrote:
>> I'm not sure if it is even possible to minimise the damage while 
>> maximising the security. This issue needs more thought.
>
> Agreed. It seems that when you come back online, you will have some 
> unreadable messages from the other person, at which point you'll have 
> to negotiate a new session with new keys etc.

We might want to recommend entities use XEP-0184 (Message Receipts) if 
they want to ensure their messages are delivered (or at least be aware 
that they haven't been delivered).

If so then perhaps XEP-0155 needs a new field that enables clients to 
agree whether or not they will use message receipts throughout a session.

- Ian




More information about the Standards mailing list