[Standards] xep-027 encrypted filetransfers

Александр sss at sss.chaoslab.ru
Wed Oct 17 16:10:04 UTC 2012


В сообщении от Среда, 17-окт-2012 08:26:18 вы написали:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 10/17/12 5:57 AM, Александр wrote:
> > On Пятница, 12-окт-2012 00:46:57 Александр wrote:
> > 
> > On Четверг, 11-окт-2012 23:33:48 Andreas Kuckartz wrote:
> >> Александр:
> >>> Hi all, i have implemented encrypted filetransfers in my
> >>> 
> >>> realization of xep-027 in new_gpg plugin fro miranda im/ng,
> >>> but
> >>> 
> >>> currently it supported only in miranda, i would like to extend
> >>> 
> >>> xep-027 to have defined encrypted filetransfers. is it possible
> >>> ?
> >> 
> >> Did you look at XEP-0234 ?
> >> 
> >> 
> >> 
> >> Cheers,
> >> 
> >> Andreas
> > 
> > not yet, but my method implement encrypted transfers for any type
> > of filetransfer, not just jingle (which as i know not supported by
> > most clients currently ?), but my method is very primitive ....
> > 
> > 
> > 
> > i have looked on XEP-0234 and related XEP's, found only some
> > information about optional ssl/tls encryption, but this is not
> > end-to-end, and not pgp like, i mean it's vulnerable to man in
> > middle attack on server side, ot i have missed something ?
> 
> We have not yet defined end-to-end encryption of file transfers. One
> way would be for the sender to encrypt each stanza to the public key
> of the recipient, and then chunk out the file using XEP-0047. However,
> that won't work well for huge files because it will take a long time
> to transfer the file. Another way would be to run your own trusted
> file transfer proxy, use XEP-0065, and require SSL/TLS on both ends of
> the proxy. I'm sure there are other solutions, too (e.g., for a while
> we were discussing something called XTLS). It's not such an easy
> problem to solve, but your ideas are welcome.
> 
> Peter
> 
> - --
> Peter Saint-Andre
> https://stpeter.im/
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
> 
> iEYEARECAAYFAlB+wAoACgkQNL8k5A2w/vxKiACaAxY2RIH+klEmZ8xzYDyOcQKk
> 0LIAn3X2E0qBvnvDqA9Vv0pnK+FLMmvx
> =iHZG
> -----END PGP SIGNATURE-----

my current solution is to encrypt complete file with pgp key before doing any 
data transfer, and after this just send it using any type of file transfer, so 
my idea is to extend xep-027 to define ability to encrypt files, just like 
message but not ascii armored, also allow to transfer it via any type of 
filetransfer (include unencrypted), if it's interested i can provide all 
details, and i have working implementation of this solution already.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20121017/2ff1f39e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.jabber.org/pipermail/standards/attachments/20121017/2ff1f39e/attachment.sig>


More information about the Standards mailing list