- Timestamp: Jan 26, 2014, 3:53:00 AM
- Author: elb
- Comment: --
v7 | v8 |
31 | 31 | * '''Opportunistic encryption.''' Indication of encryption and authentication capabilities should be provided in some way to clients who are not on our roster or who do not have us in their roster, so that encryption may be used opportunistically. This should include a way to exchange keys and key authentication materials. Some sort of access control may be required to prevent automated exchanges from becoming a DoS or privacy attack vector. |
32 | 32 | |
| 33 | == Other Considerations == |
| 34 | |
| 35 | It may be desirable to design the protocol such that the primary key material can be managed through an interface like that provided by {{{ssh-agent}}}. (Not {{{ssh-agent}}} itself, as I believe it handles only signatures.) IM clients are large and complicated applications with fairly large network-exposed surfaces; protecting the primary key material itself provides some defense against exploits in the client. |
| 36 | |
33 | 37 | == Relevant Protocols == |
34 | 38 | |
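Review bot: The new "Other Considerations" paragraph (added line 35) asks for an interface "like that provided by {{{ssh-agent}}}" without naming which private-key operations the protocol would need to route through such an agent. Since the parenthetical rules out ssh-agent itself on the grounds that it "handles only signatures", the requirement should list the operations needed beyond signing, so that a candidate protocol can be checked against it. The "I believe" in that parenthetical also leaves the claim unverified on a requirements page; either confirm it or record it as an open question. The last sentence gives the rationale (defense against exploits in the client); consider stating the resulting requirement directly, namely that the primary key material is held outside the IM client.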