Hello, the point with PGP is that user checks and signs the key (if he trusts it). Therefore, key exchange can not happen automatically, since it would break one of the main idea of PGP, that user knows who he is encrypting to.
Dne sobota 04 březen 2006 21:25 Juan Antonio Gómez Moriano napsal(a): > Hello to all. > > I'm making a Jabber client whose main "important" thing is that it > implements the JEP-0027 (Current usage of OpenPGP in Jabber), i already > know properly the protocol, and i have read the JEP-0027 > (http://www.jabber.org/jeps/jep-0027.html) . > > The question is that the document does not specify very clear (IMHO) how > to perform the key exchange it says : "All keys are exchanged using > OpenPGP key servers, and usually are retrieved when a signed <presence/> > stanza is received (key retrieval does not happen in-band)." The thing > is : how do i know in which server is the key of the person i am > chatting with?? > > Also it would be great also if someone can give me an opinion about > using GnuPG for doing this: I am doing all the development in JAVA and i > will prefer to avoid using an "external program" (as GnuPG). > > Apart from that, I have been doing some testing with encryption over > jabber by using the own Jabber server to exchange the keys (just to > check that i did the encryption part properly, and it worked, using RSA > keys...) > > Any idea/suggestion/hint?? > > THANKS in advance. -- Ostatně soudím, že uzavřené protokoly a formáty by měly být zničeny, stejně jako Kartágo. Michal Vaner (Vorner)
pgpFaQlCLXOV8.pgp
Description: PGP signature
