On 4/17/13 9:57 AM, Daniele Ricci wrote: > On Wed, Apr 17, 2013 at 5:52 PM, Peter Saint-Andre <stpe...@stpeter.im> wrote: >> Sure. You could do something like secure remote password, but if you >> really want to use PGP then RFC 6091 is the right way to go (IMHO). > Indeed. > >> Perhaps we could discuss this topic on the standa...@xmpp.org list? > Sure. Just subscribed. > But at this point I guess I should go ahead with RFC 6091; > implementing a SASL protocol for something which is clearly (and > should be, actually) addressed by TLS would be useless don't you > think? > That is my opinion. Opinions may differ. :-)
I think we could have an interesting conversation about this on the XMPP standards list, and you might find some other folks who want to implement this on clients or servers. Personally I'd love to see wider support for TLS-PGP, because it would help us get rid of password-based authentication. There might be some challenges with key management (how do I tell the XMPP server that I've generated a new key?), but key management is always interesting. :-) Peter _______________________________________________ telepathy mailing list telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy