On Tue Jun 2 18:56:35 2009, Jonathan Schleifer wrote:
What if DSA gets completely broken someday? Then we're screwed. And
if
we want to be algorithm-independant, we need to implement something
very similar to OpenPGP anyway.
Or TLS.
Which, incidentally, can use PGP keys.
But in any case, I don't think the crypto is actually the tricky bit
with single-message stuff, it's formatting, since ideally you want to
sign everything (including <iq/>) in a way that lets those signatures
be ignorable to naïve actors, which is going to be a tough one to
solve. (Easy for messages, but impossible for <iq/> as far as I can
see.)
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
