[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[JDEV] Re: Many Messaging protocol.
On Tue, 27 Jul 1999 21:50:53 Yoni Elhanani wrote:
>"Thomas D. Charron" wrote:
>1. Encryption
>The ability to send encrypted data so it cannot be decrypted. (duh)
Primary reasoning being the export restrictions.. No, raw packets would not be encrypted, merely the data WITHIN those packets..
>2. Friends List authorization.
>Only allow certain people to know if I am online.
>VERY IMPORTANT, as today, anyone can add me to his "contact list"
>without my permission,
>and know when i am online, offline, my IP, etc.
>This is done with a certificate, which (generally) is the public key of
>the reciever, signed by the issuer.
Already done in the base jabber system.. This information is NOT presented unless you are both on each others lists..
>3. Personal data
>Data such as my home phone number will be availible to people with the
>above certificate.
Again, already complete. The server side has 'security settings' for personally stored data on the server, aka, who can access what data..
>4. Session key.
>Since the entire data will be encrypted with a session key,
>it is assumed that the person sending the data is the same one that have
>authorized before,
>since he is the only other person who knows the session key.
>this can save time on slow machines.
This is where we would have to extend our current digisig module to actually encrypt the message text, vs just signing it.
As far as I can tell, the only place we seem to part company is the level of encrypting EVERYTHING that goes thru.. Some things we simply cannot encrypt, since we are building a modular system that can communicate with other systems as well as ours. We could not really have encryption happen for the entire proccess for a converation between a jabber user and an AIM or ICQ user.
>if i want to tell people on the jabber list about pump,
>I'll have to send them my postscript file (or a tex file made by LyX,
>which makes it messy).
>So it would be better if i can link to it and just put it on an FTP
>site.
>Problem is i have nowhere to put it.... :-(
I can throw it someplace tonight that they can link to, and let you know..
>If you can either
>1. put it somewhere with public access
>2. Tell me it's ok to send large postscript files to a mailing list
>I'll be happy.
---
Thomas Charron
--== Sent via Deja.com http://www.deja.com/ ==--
Share what you know. Learn what you don't.