[Pidgin] EndToEndXMPPCrypto modified

Pidgin trac at pidgin.im
Sat Jan 25 20:47:31 EST 2014


Page "EndToEndXMPPCrypto" was changed by elb
Diff URL: <https://developer.pidgin.im/wiki/EndToEndXMPPCrypto?action=diff&version=3>
Revision 3
Changes:
-------8<------8<------8<------8<------8<------8<------8<------8<--------
Index: EndToEndXMPPCrypto
=========================================================================
--- EndToEndXMPPCrypto (version: 2)
+++ EndToEndXMPPCrypto (version: 3)
@@ -24,3 +24,5 @@
   * A cryptographically secured authentication mechanism for the above items (may, in this case, be a self-signature using the key material itself)
  There may be additional room for integration here; for example, authentication of the basic presence information is also desirable, but I do not consider it a strict requirement.
  * '''Streamlined one-on-one Chat.'''  An equivalent protocol to the XMPP simple <message> stanza with a cleartext <body>, only encrypted and authenticated.  The point of this protocol is to minimize overhead for typical one-on-one chat, for the benefit of mobile and bandwidth- or computationally-constrained clients.
+ * '''Arbitrary protected stanzas.'''  A method should be provided for protecting arbitrary end-to-end XMPP stanzas, either with only authentication or with both authentication and encryption.  An example mechanism supporting this point would be an e2e encrypted data stanza simply containing a standard XMPP stanza that has been encrypted and authenticated that is unwrapped at the receiving client and then processed as if it had been in place of the encrypted stanza.  Existing standards and best practices for encrypting partial XML documents should be consulted.
+ * '''A plurality of key authentication mechanisms.'''  The public key exchange mechanism should allow for multiple disparate authentication methods to be communicated.  For example, an S/MIME signature using a PKI x.509 certificate and a GPG signature of the same key material might be provided, along side whatever native signing protocol is used.  These authentication mechanisms should be readily extensible and have enough structure that useful mechanisms can be clearly defined.
-------8<------8<------8<------8<------8<------8<------8<------8<--------

--
Page URL: <https://developer.pidgin.im/wiki/EndToEndXMPPCrypto>
Pidgin <https://pidgin.im>
Pidgin

This is an automated message. Someone added your email address to be
notified of changes on 'EndToEndXMPPCrypto' page.
If it was not you, please report to datallah at pidgin.im.


More information about the Wikiedit mailing list