[Standards] MUC E2E encryption

Dirk Meyer dmeyer at tzi.de
Thu Jan 15 16:19:39 UTC 2009


"Okano, Stephen" wrote:
> I have been following the forums on end-to-end encryption for a while
> as I am involved in a project developing group end-to-end
> encryption. It looks like the XEPs currently are focused on e2e
> encryption between two entities. Is there any framework for
> implementing encryption in a Multi-User Chat framework? 

Not yet. I thought about it some time ago, but didn't came up with a
good solution. One question: do you trust the MUC server? If you do (and
only misstrust the link between your client and the MUC server), you can
open an e2e link to the MUC server. But I guess you don't trust the MUC
server and want to encrypt all communication in the channel. That
requires some sort of key distribution.

> We have extended pidgin's implementation of XMPP to enable group e2e
> encryption using our own XMPP tags, but I can imagine there might
> already be a standardized way for specifying group e2e in XMPP. 

Maybe you can send us your idea and we can find a way to make it working
based on our current e2e discussions.


Stress is when You wake up screaming and then realize You haven't slept at all

More information about the Standards mailing list