[Standards] XEP-0136 modifications
stpeter at stpeter.im
Wed Feb 3 18:59:59 UTC 2010
On 2/3/10 11:27 AM, Yann Leboulanger wrote:
> Jonathan Schleifer wrote:
>> Am 02.02.2010 um 20:59 schrieb Yann Leboulanger:
>>> I start encrypting the conversation (GPG or E2E).
>> While this is true for E2E, it indeed makes sense to store GPG-encrypted
>> message encrypted. Here, the replay attack of GPG becomes useful, as you
>> can still decrypt it later. But for E2E, you can't decrypt it anymore
>> after the session has ended.
> ejabberd module (the only server implementation I know) only logs body
> content. And body doesn't contain GPG data. So it's useless if
> save is not message or stream. So this add more complexity to this
> already complexe XEP. If a client wants to log encrypted data, I think
> it's better for it to do it manually after having decrypted the data.
Yann, I agree. I'd rather work to reduce complexity in XEP-0136 than to
increase complexity. Any suggestions? :)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards