On Mon Feb 15 19:56:12 2010, Dan Brickley wrote:
Dave - can you elaborate a bit? What are the XEP-0174-related
scenarios in which a qrcode is a sensible way for smartphones to
learn
about some xmpp account's certs. I understand LAN discovery doesn't
always work, eg. when http://www.multicastdns.org/ is blocked, but I
don't know how often that's an issue.
Well, it's really so that it can securely authenticate the remote
end, but in the case of XEP-0174, it would mean that a smartphone
could confidently know that a link local entity was the same as the
TV - particularly nice if the phone had no bandwidth at the time.
But then I got to think - for most purposes, a full certificate hash
is overkill, and a simpler (and shorter) partial hash, or indeed a
one-time shared secret could be used.
So I'm toing and froing on this a bit.
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
