[Standards] XTLS revisited

Peter Saint-Andre stpeter at stpeter.im
Mon Dec 15 19:26:04 UTC 2008


On Mon, Dec 15, 2008 at 07:28:45PM +0000, Dave Cridland wrote:
> On Mon Dec 15 19:15:01 2008, Peter Saint-Andre wrote:
>> And the concern that lots of server admins will block IBB because  
>> people
>> use it for file transfer, whereas (some) server admins might be less
>> likely to block a technology that enables user security.
>
> I'm not sure that "helping idiots" is a good way of making technical  
> choices.
>
> As has been repeated many times, if you ban IBB to prevent file transfer 
> via the server, but allow encrypted channels, then people will simply 
> encrypt the file transfers (which is, incidentally, perfectly sensible 
> for other reasons), in which case the admin has done nothing useful at 
> all.
>
> On the other hand, banning IBB if it *is* used for encrypted channels - 
> knowing that encrypted channels can bypass the server entirely - has 
> reasonable use-cases. (Similarly, blocking Jingle content-types  
> selectively to prevent encryption is sane in some environments, too).

And does the admin know that IBB is being used for an XTLS tunnel? Based
on the XTLS exchange before IBB is invoked?

/psa




More information about the Standards mailing list