On Tue, Aug 19, 2008 at 05:13:10AM -0700, Eric Rescorla wrote: > - Support for RSA
You can use an RSA or DSA public key for authentication. > - Any form of session resumption Not sure what you mean by this, but it may be covered by the Shared Retained Secret. > - An extensions framework I'm not sure what kind of extensions you're thinking of, but I would hope that XMPP and XEP-0155 session negotiation would already provide most of the extensibility you'd want. > Oh, yeah, is there some writeup of how the stanzas are actually protected once > you've established the keys? I see how you negotiate the *encryption* > algorithm > but not the integrity algorithm and I don't see how you use either to protect > the actual traffic. Maybe I'm just reading the wrong document. That's in XEP-0200. > But if you want to provide a solution that users will > actually find tolerable, it seems to me that it would be good to actually > assess what functionality you want the system to provide and *then* > ask how it can best be provided, rather than starting with a given > protocol and say "prove to me it's not good enough". I think that's what XEP-0188 was written for (which ESessions was specifically designed to satisfy).
pgp6AMmC532rq.pgp
Description: PGP signature
