It really depends what threats you are concerned about, Steffen.
I briefly looked at a Mumble project, which uses IM over Tor, when it
was mentioned on the IETF perpass list. Here were my thoughts:
http://www.ietf.org/mail-archive/web/perpass/current/msg00215.html
Ciao
Hannes
Am 18.11.13 13:38, schrieb Steffen Larsen:
Hi,
On 18 Nov 2013, at 13:07, Andreas Kuckartz <a.kucka...@ping.de> wrote:
Simon Tennant:
IMHO, e2e security would probably make more sense as a XEP and working
group that has the time to zoom into all the implementation details.
Can that be solved by an XEP ?
What about this IETF draft? (I still have to read it)
End-to-End Object Encryption and Signatures for the Extensible Messaging
and Presence Protocol (XMPP)
draft-miller-xmpp-e2e-06
https://datatracker.ietf.org/doc/draft-miller-xmpp-e2e/
There exist people who mention XMPP as belonging to "faulty
technologies" for which they want to create alternatives:
http://youbroketheinternet.org/
And I try to find out what can be done to improve XMPP regarding
security and privacy.
Well you can “always” run XMPP on top of TOR if you like that, if it is the S2S
routing that bothers you. :-)
Cheers,
Andreas
On 18 November 2013 10:30, Andreas Kuckartz <a.kucka...@ping.de
<mailto:a.kucka...@ping.de>> wrote:
Peter Saint-Andre some time ago wrote:
On 7/16/13 4:27 AM, Carlo v. Loesch wrote:
Since XMPP isn't suitable for keeping meta-data private I would
presume that e2e privacy is out of scope for this mailing list,
really.
True.
Where would the topic e2e privacy for XMPP be "in scope" ?
Cheers,
Andreas
/Steffen
