On Tue, Mar 15, 2011 at 8:20 AM, David Núñez <[email protected]> wrote: > The idea is to use the XMPP servers as Key Generation Centers (KGC), since > they already provide procedures for user authentication. Thus, the project > would have to develop the server components required to issue private keys to > users, among others. I think that the fact that the JID of the user you want > to securely communicate could act as a public key is interesting to the XMPP > protocol.
Yes, this does not add any value over a standard PKI system. -Ekr > However, I am aware that there have been several responses to my proposal, > and it seems that it is not very interesting to XMPP. I would like to thank > you for your thoughtful insights. As one of you suggested in a previous > response, I will study in more depth the current problems in end-to-end > communication in XMPP and try to propose something else. I was hoping to > participate in this Google Summer of Code edition. Any ideas that could be > arranged as a proposal? > > Best regards, > David. > > El 15/03/2011, a las 15:47, Eric Rescorla escribió: > >> On Tue, Mar 15, 2011 at 7:14 AM, David Núñez <[email protected]> wrote: >>> Thank you for your response. Respect to your first point, one advantage of >>> the proposed scheme is that it is an alternative to digital certificates >>> and its associated distribution infrastructure, as it relies on the >>> identity of the users as public keys. >> >> I don't know what this means. An IBE system requires a central key >> generation server which needs to >> verify users identities and only issue keys when appropriate. The >> processing done by the KGS looks >> very much like that done by a CA. >> >> The primary advantage of an IBE system is that you can encrypt to >> people whose credentials you >> don't have (and may not even have any yet). However, since this is a >> real-time exchange, that benefit >> does not applyhere. >> >> -Ekr > >
