Have you read 'JEP-0116: Encrypted Sessions' (http://www.jabber.org/jeps/jep-0116.html)
JEP-0027 is only a Historical JEP, so it's not a standards-track spec, JEP-0116 is a standards-track spec. On 3/5/06, Juan Antonio Gómez Moriano <[EMAIL PROTECTED]> wrote: > Thanks to all for the answer/suggestions... What i have think now is to > automatize the process of exchanging keys using OpenPGP key servers, > after all they are suppossed to be synchronized, aren't they? yea, I've considered adding a button to Psi to do this many times. > Apart from that i have been thinking on reporting a comment to the > jabber people about this... I have developed a simple solution which > basically stores the public in the jabber server in a place accessible > for everyone but that only the user can write, i've been testing it and > looks nice, should i make a more formal document and report it to > jabber.org? Some people store their public keys in their vCards, but as Michal pointed out any exchange of pgp/gpg keys in-band will be insecure. (e.g. using the same tcp connection). The keyservers are the 'right' place to store and get this information. If you want to do it privately, then set up your own private keyserver. -- - Norman Rasmussen - Email: [EMAIL PROTECTED] - Home page: http://norman.rasmussen.co.za/
