On Tue Aug 19 22:19:31 2008, Jonathan Schleifer wrote:
> "Eric Rescorla" <[EMAIL PROTECTED]> wrote:
> > There's something truly ironic about someone lobbying for an entirely
> > new and unanalyzed cryptographic protocol suggesting that using the
> > most widely implemented crypto protocol in the world would be
> > reinventing the wheel.
> There would be several changes needed as already stated on this
> list. And new XEPs would need to be created. XEPs for stuff for which
> XEPs already exist. If that's not reinventing, I don't know.
Actually, the XTLS proposal in its current form consists of XEP-0246,
which is virtually all boilerplate, and just says "negotiate a XMPP
stream", and XEP-0247, which says "figure out a way to talk to each
other using Jingle, first".
So there's new stuff, sure, but it's not reinventing by any stretch -
this stuff can be used and reused in multiple ways, not just for
end-to-end authentication and privacy. In fact, XEP-0246 just
abstracts out that part of the link-local messaging we've had for
ages.
Inventing ESessions out of the blue most certainly *is* reinventing,
or at the very least was at the time. It's hard to suggest in any
reasonable way that ESessions is going to be as strong,
cryptographically, as TLS is; it's similarly hard to propose that the
implementations of it will be as hardened as the likes of OpenSSL.
Admittedly, it's painful throwing away that volume of work, but I
think it's the right choice here.
If the additional properties of ESessions are of interest, we could
of course work toward putting them into TLS - deniability in TLS
would be instantly applicable to any other protocol which needs it,
for instance. That might include SIP, I suppose.
Dave.
--
Dave Cridland - mailto:[EMAIL PROTECTED] - xmpp:[EMAIL PROTECTED]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade