Pedro Melo wrote:
> Hi,
>
> On Aug 25, 2008, at 10:48 AM, Dirk Meyer wrote:
>
>> Jonathan Schleifer wrote:
>>> On 24.08.2008 at 20:59, Dirk Meyer wrote:
>>>
>>>> You could put the stuff I added as <offer> to the disco stuff. But it
>>>> must also work serverless. And when I work link-local I can not use
>>>> disco#query before connecting.
>>>
>>> For link-local, we can just try. But opening a direct connection and
>>> then trying STARTTLS and failing - that'd be stupid. So therefore, we
>>> should check before opening a connection when we're not link-local.
>>
>> Looking at XEP-0030 I see nothing that fits. But if we use the rule
>> that a client ignores a tag if it does not know the namespace and that
>> you can add a tag everywhere I see two choices.
>>
>> The first one is to add the offer directly in disco#query:
>>
>> <iq type='result'
>>     from='[EMAIL PROTECTED]'
>>     to='[EMAIL PROTECTED]/balcony'
>>     id='info3'>
>>   <query xmlns='http://jabber.org/protocol/disco#info'>
>>     <identity .../>
>>     <feature var='http://jabber.org/protocol/disco#info'/>
>>     ...
>>     <feature var='urn:xmpp:tmp:tlsauth'>
>>       <offer xmlns='urn:xmpp:tmp:tlsauth'>
>>         <x509 fingerprint='certificate-fingerprint'/>
>>         <openpgp fingerprint='openpgp-fingerprint'/>
>>         <srp/>
>>       </offer>
>>     </feature>
>
>
> Why not use:
>
> <feature var='urn:xmpp:tmp:tlsauth' />
> <feature var='urn:xmpp:tmp:tlsauth:x509cert' />
> <feature var='urn:xmpp:tmp:tlsauth:pgpcert' />
> <feature var='urn:xmpp:tmp:tlsauth:srp' />
[...]
> Placing the signatures in the IQ-Disco itself would jeopardize the
> latest advancements in Capabilities caching, and that is a bigger loss
> than the overhead of fetching the signatures as a second step in the
> protocol.

You are right, fingerprints do not belong here. But your idea also
does not work because of the same reason. We may have the same client
but since I have no OpenPGP key, my client does not support it.

Dirk

-- 
The future ain't what it used to be.
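
An added illustration of the caching question raised in this thread (not code from either poster or from any XEP): it builds the XEP-0115 verification string from identities and feature vars only, for constructed users of one client build, and compares the two layouts discussed above. The identity, user names, fingerprint placeholders and the first-result-wins cache are assumptions.

```python
import base64
import hashlib

TLSAUTH = "urn:xmpp:tmp:tlsauth"
IDENTITY = [("client", "pc", "", "ExampleClient 1.0")]  # constructed identity
BASE = ["http://jabber.org/protocol/disco#info", TLSAUTH]

# Constructed users of the same client build; fingerprints are placeholders.
USERS = {
    "alice": {"x509": "fp-x509-alice", "pgp": "fp-pgp-alice"},
    "bob":   {"x509": "fp-x509-bob"},
    "carol": {"x509": "fp-x509-carol", "pgp": "fp-pgp-carol"},
    "dave":  {"x509": "fp-x509-dave"},
}

def caps_ver(identities, features):
    """XEP-0115 'ver': sorted identities, then sorted feature vars, each
    terminated by '<', hashed with SHA-1 and base64-encoded (no data forms)."""
    s = "".join(f"{c}/{t}/{lang}/{name}<" for c, t, lang, name in sorted(identities))
    s += "".join(f"{var}<" for var in sorted(set(features)))
    return base64.b64encode(hashlib.sha1(s.encode("utf-8")).digest()).decode("ascii")

def ver_offer_in_disco(creds):
    # <offer> with fingerprints sits inside <feature>; the hash input only
    # sees the feature var, so the user's credentials do not change 'ver'.
    return caps_ver(IDENTITY, BASE)

def ver_per_method_features(creds):
    # One feature var per method the user can actually use, e.g.
    # urn:xmpp:tmp:tlsauth:x509cert and urn:xmpp:tmp:tlsauth:pgpcert.
    return caps_ver(IDENTITY, BASE + [f"{TLSAUTH}:{m}cert" for m in creds])

def cached_offer(cache, ver, own_offer):
    """Caps cache keyed by 'ver': the first disco#info result seen wins."""
    return cache.setdefault(ver, own_offer)

def demo():
    cache, served = {}, {}
    for user, creds in USERS.items():
        served[user] = cached_offer(cache, ver_offer_in_disco(creds), creds)
    per_method = {u: ver_per_method_features(c) for u, c in USERS.items()}
    return served, per_method

if __name__ == "__main__":
    served, per_method = demo()
    for user in USERS:
        print(user, "| cache returns", served[user], "| per-method ver", per_method[user])
```

With fingerprints inside the disco result, every user maps to the same `ver`, so a cache hit hands back whichever fingerprints were stored first; with per-method feature vars, `ver` follows the set of credentials a user has rather than the client build alone.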
