[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DotGNU]Encryption protocols
|
From: |
Stephen Compall |
|
Subject: |
Re: [DotGNU]Encryption protocols |
|
Date: |
Sat, 15 Mar 2003 15:58:16 -0600 |
|
User-agent: |
KMail/1.5 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 11 March 2003 06:02 pm, Norbert Bollow wrote:
> We can use TLS for the connection to the Jabber server.
As, presumably, traffic is already encrypted for the ultimate recipient,
is it really necessary to encrypt traffic between the Jabber server and
either end of the connection? There are only two useful outcomes of
this, the way I see it:
1. password is encrypted. So why encrypt the entire session?
2. recipient is encrypted; people sniffing the Jabber connection can't
see to whom the data is addressed. But they can over a direct TLS
connection anyway, which is the other alternative (and will surely
happen).
- --
Stephen Compall - Also known as S11001001
DotGNU `Contributor' -- http://dotgnu.org
Jabber ID: address@hidden
"Control over the use of one's ideas" really constitutes control over
other people's lives; and it is usually used to make their lives more
difficult.
-- RMS, "GNU Manifesto"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+c6H82AceYinZ4EgRAixSAJ9mAKBkSDMGyP2en+8V0M4aaRMLpACdEH4R
LEDtoHEN++8O1uHJ2xy6uew=
=iSR7
-----END PGP SIGNATURE-----
Re: [DotGNU]Encryption protocols, Peter Minten, 2003/03/09
Re: [DotGNU]Encryption protocols, Chris Smith, 2003/03/10