[Standards] RFC 3923 (e2e with S/MIME) and OpenPGP

Daniele Ricci daniele.athome at gmail.com
Tue Jul 2 07:32:50 UTC 2013


On Mon, Jul 1, 2013 at 7:06 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>> What about applying PGP/MIME instead
>
> As in http://xmpp.org/extensions/xep-0027.html perhaps?
>

I mean using PGP/MIME the same way RFC 3923 uses S/MIME.

> I think you mean: draft-miller-xmpp-e2e replaces RFC 3923.
>

Yes, I put the * symbol because there were several draft versions of
that spec :-)

>> Is there some draft to follow/improve where e2e+PGP/MIME is
>> defined?
>
> XEP-0027.
>

You mean in the meantime that a more safe spec is drafted?

> (1) Matt's work on draft-miller-xmpp-e2e
> (2) OTR (potentially with future enhancements to make it more
> XMPP-friendly)
>
> Some energy is going into both of those (Paul Wouters and I plan to
> sync up at the IETF meeting at the end of July to work on an
> Internet-Draft providing informational documentation about OTR). Since
> you seem to care about this issue, your feedback would be welcome.
>

Sure! Because my needs are "mobile-oriented", I have to implement some
e2e solution that works when both users are online or not (something
like offline-storage OTR?). Of course an "offline" solution is less
safe than an online one, but of course there might be a compromise
(warning the user that e.g. forward secrecy might be compromised
because recipient is offline might be an option). Anyway, please keep
this in mind when you will discuss your new Internet-Draft.

--
Daniele



More information about the Standards mailing list