- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Wed, 30 Sep 2009 13:02:38 +0200
- To: Peter Saint-Andre <stpeter@stpeter.im>
- Cc: Harry Halpin <hhalpin@ibiblio.org>, public-xg-socialweb@w3.org
On Tue, Sep 29, 2009 at 6:13 PM, Peter Saint-Andre <stpeter@stpeter.im> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 9/29/09 7:56 AM, Harry Halpin wrote: > > <snip/> > > Thanks, Harry, I'm looking forward to it! This will be more of a > discussion than a formal talk, since I don't know what topics are of > interest to the team. > > Two points of clarification... > >> security (see Off-the-Record [3]) > > The XMPP community is *not* actively exploring the use of OTR as our > solution for end-to-end encryption, instead we are actively defining an > application-level profile of Transport Layer Security, which is already > supported on a per-hop basis in all XMPP clients and servers. More here: > > http://tools.ietf.org/html/draft-ietf-xmpp-e2e-requirements-00 > > http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02 Looks good. I'd be interested to hear about the current state of incorporating X.509 into XMPP, and client support, if you have time to cover it ... > >> older but still interesting work combining OAuth >> with XMPP [5] in Fireeagle. > > See also here: > > http://xmpp.org/extensions/xep-0235.html > > Peter > > - -- > Peter Saint-Andre > https://stpeter.im/ > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkrCMhQACgkQNL8k5A2w/vwppQCfTHMZCUYe3aVzClR4AvQNtyeH > +lUAni9zcz9Utj7Yo/Z7SB6nbwwnKLpV > =s4t3 > -----END PGP SIGNATURE----- > >
Received on Wednesday, 30 September 2009 11:03:16 UTC