[Standards] C2C TLS
js-xmpp-standards at webkeks.org
Tue Nov 25 14:34:30 UTC 2008
Am 25.11.2008 um 14:41 schrieb Dave Cridland:
> Actually, it's not that the problems are ignored, they're simply
> punted. XEP-0247 simply says "Hey, we'll negotiate something that
> works", and avoids the entire issue, by design. This is a good thing.
> We're hoping that technologies like ICE-TCP and other transport
> layer solutions will be developed. This seems pretty reasonable -
> I'm not convinced by ICE-TCP itself, but we're not tied to TCP, just
> a reliably ordered stream, which makes life rather simpler. (FWIW, I
> suspect we could use ICE to setup two-way UDP communications and
> layer a reliability layer on that - in fact, I think it's been done).
> What any sane person would realise is that XMPP expertise won't help
> there at all, and that a good design would allow these additional
> technologies to be designed by others, and simply slotted in post-
IMO, that brings far too much complexity for a such a simple and
mandatory thing like end-to-end encryption. A dependency on Jingle
really is too much IMO. It should be so simple to implement, be it
whether a library like suggest for ESessions or via a very simple
protocol that everybody can very easily implement, that even the most
simple client could implement it. Thus have no dependencies on any
complex XEP etc.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
More information about the Standards