mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-21 08:45:04 -05:00
added link to Requirements XEP
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@695 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
parent
fd88783993
commit
e788fe2861
@ -169,7 +169,7 @@
|
||||
<section1 topic='Introduction' anchor='intro'>
|
||||
<p>End-to-end encryption is a desirable feature for any communication technology. Ideally, such a technology would design encryption in from the beginning and would forbid unencrypted communications. Realistically, most communication technologies have not been designed in that manner, and Jabber/XMPP technologies are no exception. In particular, the original Jabber technologies developed in 1999 did not include end-to-end encryption by default. PGP-based encryption of message bodies and signing of presence information was added as an extension to the core protocols in the year 2000; this extension is documented in &xep0027;. When the core protocols were formalized within the Internet Standards Process by the IETF's XMPP Working Group in 2003, a different extension was defined using S/MIME-based signing and encryption of CPIM-formatted messages (see &rfc3862;) and PIDF-formatted presence information (see &rfc3863;); this extension is specified in &rfc3923;.</p>
|
||||
<p>For reasons described in &xep0188;, the foregoing proposals (and others not mentioned) have not been widely implemented and deployed. This is unfortunate, since an open communication protocol needs to enable end-to-end encryption in order to be seriously considered for deployment by a broad range of users.</p>
|
||||
<p>This proposal describes a different approach to end-to-end encryption for use by entities that communicate using XMPP. The requirements and the consequent cryptographic design that underpin this protocol are described in <cite>Cryptographic Design of Encrypted Sessions</cite>. The basic concept is that of an encrypted session which acts as a secure tunnel between two endpoints. Once the tunnel is established, the content of each one-to-one XML stanza exchanged between the endpoints will be encrypted and then transmitted within a "wrapper" stanza using &xep0200;.</p>
|
||||
<p>This proposal describes a different approach to end-to-end encryption for use by entities that communicate using XMPP. The requirements and the consequent cryptographic design that underpin this protocol are described in &xep0207; and <cite>Cryptographic Design of Encrypted Sessions</cite>. The basic concept is that of an encrypted session which acts as a secure tunnel between two endpoints. Once the tunnel is established, the content of each one-to-one XML stanza exchanged between the endpoints will be encrypted and then transmitted within a "wrapper" stanza using &xep0200;.</p>
|
||||
</section1>
|
||||
|
||||
<section1 topic="Dramatis Personae" anchor='personae'>
|
||||
|
@ -53,7 +53,7 @@
|
||||
|
||||
|
||||
<section1 topic="Requirements" anchor='require'>
|
||||
<p>The requirements and the consequent cryptographic design that underpin this protocol and its associated protocols are described in <cite>Cryptographic Design of Encrypted Sessions</cite>. The specific objectives of this protocol include:</p>
|
||||
<p>The requirements and the consequent cryptographic design that underpin this protocol and its associated protocols are described in &xep0207; and <cite>Cryptographic Design of Encrypted Sessions</cite>. The specific objectives of this protocol include:</p>
|
||||
<ul>
|
||||
<li><p>Encryption of the full stanza content (except that which is required for stanza routing)</p></li>
|
||||
<li><p>Minimise the Perfect Forward Secrecy window by enabling light-weight renegotiation of the short-term keys without requiring a full session renegotiation.</p></li>
|
||||
|
Loading…
Reference in New Issue
Block a user