Justin Karneges wrote:
On Friday 16 March 2007 3:25 pm, Peter Saint-Andre wrote:
In the XMPP Council meeting held earlier this week, Council member Chris
Mullins said:

[13:52:55] <Chris Mullins> xTLS scares me to death.
[13:53:11] <Chris Mullins> I do NOT want to implement that, nor deal
with the implications of implementing it.

Chris, do you care to elaborate?

It might be helpful to have a stub document that shows what XTLS would
look like. I'll try to put something together soon, if only for my own
understanding.

First, what do you mean by XTLS? If you mean you want to define a TLS variant, in the same way that was done with DTLS, then yes that is a scary notion (although it is probably no more scary than ESessions).

My initial understanding of the suggestion was to map all the TLS primitives to XMPP syntax. That was a misunderstanding.

If by XTLS you mean you want to define a usage of TLS (e.g. base64 encoding segments of a TLS stream), then that shouldn't be scary at all.

Sure, we'd have things like:

<iq>
  <xtls xmlns='urn:xmpp:xtls'>base64</xtls>
</iq>

The TLS stuff would all be base64-encoded, just hand it off to OpenSSL and you're done. Sort of. :) We'd need to bubble the results up to the XMPP application layer so the client knows when the negotiation is done. And I'm sure there are subtleties. But that is the basic idea AFAICS.

Peter

--
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml
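
The framing sketched in the message above, as an added example (not code from the thread or from any XMPP project): a TLS engine driven through memory BIOs, with each flight base64-wrapped in the `<xtls/>` element and the handshake state reported back to the caller. The function and class names are hypothetical, Python's `ssl` module stands in for calling OpenSSL directly, and the bare `<iq>` without addressing attributes mirrors the sketch.

```python
import base64
import ssl
import xml.etree.ElementTree as ET

XTLS_NS = "urn:xmpp:xtls"  # namespace as written in the sketch above


def wrap(tls_bytes: bytes) -> str:
    """Carry raw TLS bytes as base64 text inside the <xtls/> child of an <iq/>."""
    b64 = base64.b64encode(tls_bytes).decode("ascii")  # base64 needs no XML escaping
    return f"<iq><xtls xmlns='{XTLS_NS}'>{b64}</xtls></iq>"


def unwrap(stanza: str) -> bytes:
    """Return the TLS bytes from a received stanza; ValueError if malformed."""
    if "<!DOCTYPE" in stanza:  # XMPP prohibits DTDs; refuse before parsing
        raise ValueError("DTD not allowed")
    try:
        iq = ET.fromstring(stanza)
    except ET.ParseError as exc:
        raise ValueError("not well-formed XML") from exc
    payload = iq.find(f"{{{XTLS_NS}}}xtls")
    if iq.tag != "iq" or payload is None:
        raise ValueError("not an xtls <iq/> stanza")
    return base64.b64decode(payload.text or "", validate=True)  # strict base64


class XtlsEndpoint:
    """TLS engine detached from any socket; stanzas are its only transport."""

    def __init__(self, ctx, server_hostname=None, server_side=False):
        self.incoming, self.outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
        self.tls = ctx.wrap_bio(self.incoming, self.outgoing,
                                server_side=server_side,
                                server_hostname=server_hostname)
        self.established = False  # what the XMPP layer polls or is notified of

    def step(self, stanza=None):
        """Feed one received stanza (if any); return (stanza_to_send, established)."""
        if stanza is not None:
            self.incoming.write(unwrap(stanza))
        try:
            self.tls.do_handshake()
            self.established = True
        except ssl.SSLWantReadError:
            pass  # the engine needs the peer's next flight before it can continue
        out = self.outgoing.read()
        return (wrap(out) if out else None), self.established
```

A server-side endpoint uses the same class with `server_side=True` and a context that has a certificate loaded; `established` turning true is the point at which the result is bubbled up to the XMPP application layer.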
