[Standards] Proposed XMPP Extension: Simplified Encrypted Session Negotiation

Peter Saint-Andre stpeter at jabber.org
Wed May 30 19:21:44 UTC 2007


Ian Paterson wrote:
> Peter Saint-Andre wrote:
>> Ian Paterson wrote:
>>> I'm not sure if it is even possible to minimise the damage while 
>>> maximising the security. This issue needs more thought.
>>
>> Agreed. It seems that when you come back online, you will have some 
>> unreadable messages from the other person, at which point you'll have 
>> to negotiate a new session with new keys etc.
> 
> We might want to recommend entities use XEP-0184 (Message Receipts) if 
> they want to ensure their messages are delivered (or at least be aware 
> that they haven't been delivered).

That spec needs to be updated per Council feedback. It's been on my 
.plan to do that for the last 5 months or so. :)

> If so then perhaps XEP-0155 needs a new field that enables clients to 
> agree whether or not they will use message receipts throughout a session.

Right.

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070530/7fe77f22/attachment.bin>


More information about the Standards mailing list