[Standards] e2e privacy for XMPP Re: RFC 3923 (e2e with S/MIME) and OpenPGP
hannes.tschofenig at gmx.net
Mon Nov 18 13:04:59 UTC 2013
It really depends what threats you are concerned about, Steffen.
I briefly looked at a Mumble project, which uses IM over Tor, when it
was mentioned on the IETF perpass list. Here were my thoughts:
Am 18.11.13 13:38, schrieb Steffen Larsen:
> On 18 Nov 2013, at 13:07, Andreas Kuckartz <a.kuckartz at ping.de> wrote:
>> Simon Tennant:
>>> IMHO, e2e security would probably make more sense as a XEP and working
>>> group that has the time to zoom into all the implementation details.
>> Can that be solved by an XEP ?
>> What about this IETF draft? (I still have to read it)
>> End-to-End Object Encryption and Signatures for the Extensible Messaging
>> and Presence Protocol (XMPP)
>> There exist people who mention XMPP as belonging to "faulty
>> technologies" for which they want to create alternatives:
>> And I try to find out what can be done to improve XMPP regarding
>> security and privacy.
> Well you can “always” run XMPP on top of TOR if you like that, if it is the S2S routing that bothers you. :-)
>>> On 18 November 2013 10:30, Andreas Kuckartz <a.kuckartz at ping.de
>>> <mailto:a.kuckartz at ping.de>> wrote:
>>> Peter Saint-Andre some time ago wrote:
>>>> On 7/16/13 4:27 AM, Carlo v. Loesch wrote:
>>>>> Since XMPP isn't suitable for keeping meta-data private I would
>>>>> presume that e2e privacy is out of scope for this mailing list,
>>> Where would the topic e2e privacy for XMPP be "in scope" ?
More information about the Standards