Justin Karneges wrote:
On Friday 16 March 2007 8:08 pm, Peter Saint-Andre wrote:Mridul wrote:I always considered 3923 a pretty decent idea since it was practical ...Practical, other than the PKI dependency (or can you use self-signed certificates?) and the CPIM usage (which developers hate, there are no CPIM parsers) and the MIME stuff (very much not jabberish). As someone once said, S/MIME is the only known security technology with more implementations than users. :)You could use self-signed certificates if you don't want to drag in the PKI. This should be the case with any X.509-based protocol.True, CPIM and MIME aren't very Jabber-ish. We could get rid of those if we wanted to and just use S/MIME alone (which, I wrote a JEP proposal for, if anyone remembers). That said, if there were a simplicity contest, CPIM and MIME would win against most of the other e2e suggestions, so I wouldn't be afraid of having to implement them. :)
Heh. Well, ease of development would be good.
Unfortunately, S/MIME doesn't provide forward secrecy. For live chat, we can do better.
Agreed. Peter -- Peter Saint-Andre XMPP Standards Foundation http://www.xmpp.org/xsf/people/stpeter.shtml
smime.p7s
Description: S/MIME Cryptographic Signature
