[Standards] RFC 3923 (e2e with S/MIME) and OpenPGP

Peter Saint-Andre stpeter at stpeter.im
Mon Jul 1 17:06:07 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7/1/13 10:24 AM, Daniele Ricci wrote:
> Greetings, I was reading RFC 3923 [1],

Yeah, we're not proud of that spec.

> and it always talks about S/MIME encrypted message format.

IETF dogma at the time required that.

> What about applying PGP/MIME instead

As in http://xmpp.org/extensions/xep-0027.html perhaps?

> - or better, let the RFC handle both cases?

That can introduce more complexity.

> If I understand correctly, draft-miller-xmpp-e2e-* are replaced by
> RFC 3923.

I think you mean: draft-miller-xmpp-e2e replaces RFC 3923.

> Is there some draft to follow/improve where e2e+PGP/MIME is 
> defined?

XEP-0027.

> By the way: encryption/signing in XMPP is very confusing: there are
> at least a dozen documents (RFCs and XEPs) defining it - of course
> I should follow approved XEPs and RFCs, but I'm also looking
> around: maybe some XEPs are already widely implemented or they will
> be approved soon.

I admire your optimism. :-)

The technologies that seem most interesting now are:

(1) Matt's work on draft-miller-xmpp-e2e
(2) OTR (potentially with future enhancements to make it more
XMPP-friendly)

Some energy is going into both of those (Paul Wouters and I plan to
sync up at the IETF meeting at the end of July to work on an
Internet-Draft providing informational documentation about OTR). Since
you seem to care about this issue, your feedback would be welcome.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJR0bb/AAoJEOoGpJErxa2pQQwP/2yKChW9gl/C0a1zEr3rgWgP
uvion1cHU6GEorA+i7xu1x0yPNLaaEKYMxGYoOzgFFR4MRfU+/C8fv1OtqMq1P9P
LONY517AZQzR3VFqbi924q5Sf6WA/KHrTXDMQ248xx5u55oo7zoJH6keFt6mEK8w
GusU4FerDRqnQ5s3G1eHTwWAqFR011NJmBD9xYSOzylZpbdNqZMjUcXIu61iU2w1
FM/i56L45MhufRVj2ALQB4H9i6J6MC2Xd74/jkM2InAMJT7d8GOFeueO3FQoNhn9
X+UGHwi8u9QrsxDntP43PQ1Yv5OEMvLnaVznNioFOIp1R8F1HJpch1qI9XNXJO+I
P7mjdw1ZR8NgfAjD8Z6CZYKT6bE4Ty4hkJSvvJcoRuDWEhBaMyzrCnfqAC0jAnZe
JoIEhInI9QSrD/5UrFdXRDGFTMkHBfl38C+tL3Zj1AdSenOhcM7qcNDXTtqbmQ9Q
9HsPe+lUnrCXgM94Bq0wVc88IYQAyGICpFFa/qSJbDUGFR56uyAE3HQFSnmZ972d
0g79uAV75OssqFSNonxRMunXOETqzkNZrDXcA0PXRJ3q6D15o2NJflfqPDkdzNWA
X4vfBdUQoRn8EkZesQi+4wNz35MyklNUYuRDcYdbrZLPRGLtLpBFMYv7BowgdrPl
tXp4uj5AwB6BL+v76OQZ
=tnDu
-----END PGP SIGNATURE-----



More information about the Standards mailing list