[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [JDEV] Transport<->Jabberbox validation..



> 	Well, I've spent a fewhours hacking out the socket code for the Windows
> client (It actually CONNECTS and sends/recieves stuff now).  Ideas have
> popped up in doing so..

Awesome, sounds like fun :)

> 	How will the transports validate with jabberbox? We don't want transports
> to blindly be able to attach to jabberbox's.  That be bigum moola bad..  I
> [message compressed]
> jabberbox's..  How will the server validate each other?

Jabber takes the same approach as email when it comes to other servers.
Basically, the JabberBox accepts incoming connections from any transport
that connects to it.  It just operates as a "router" and tries not to get
involved in the data that it's routing, and the Jabber Transport will just
deliver the data to the client.

Jabber is not going to inherently be any safer than email is, but if you
want guaranteed safety it should be easy using mod_digsig and a client
that understands crypto :)

Besides, because of Jabber's fundamental design that allows the
transparent connectivity to other IM systems, you have to allow for the
levels of security in those systems, which might as well not be considered
 "security", *grin*.

Jer