[Standards] OX (OpenPGP for XMPP): A new OpenPGP XEP

Sergei Golovan sgolovan at gmail.com
Wed Jan 6 17:34:49 UTC 2016


Hi Florian.

On Wed, Jan 6, 2016 at 3:32 PM, Florian Schmaus <flo at geekplace.eu> wrote:
> Hello everyone,
>
> After a few more weeks of hard work on a ProtoXEP, we are now pleased to
> announce a first preview of our work. Some parts are still not finished,
> but everything important is there and thus the ideal time has come to
> ask for feedback and start the discussion on the XMPP Standards mailing
> list.
>
> The current state of the XEP, which we gave the short name 'OX' (OpenPGP
> for XMPP), can be found rendered at
>
> http://geekplace.eu/xeps/xep-openpgp/xep-openpgp.html

After a quick reading I'd like to propose to use the <sign/>, <crypt/>
and <signcrypt/> elements as outer elements, and put some XML
element like <openpgp/> inside (signed or encrypted as intended).
It'd be more convenient for the recipient to know in advance what
to do with the OpenPGP message, so different elements is better
than the same <openpgp/> when the recipient would have to
decide which message he got by the message itself.

Also, I'm a bit concerned about using XMPP server to synchronize
user's private key. Isn't it too dangerous to keep private key somwhere
on the internet? I've always thought that one always keeps his
private key on a controlled computers.

Cheers!

-- 
Sergei Golovan


More information about the Standards mailing list