Tox.im
stef
s at ctrlc.hu
Mon Jul 7 01:41:22 PDT 2014
On Mon, Jul 07, 2014 at 09:11:24AM +0200, edhelas wrote:
> I really think that we need to focus on an existent standard and improve it,
> and for me XMPP seem to be the perfect protocol for all theses things :
> - Standard IM + chatroom
> - Video/Audio conferencing (with Jingle, we are using it with WebRTC on
> Movim)
> - Pubsub (for newsfeeds, blogging)
> - Geolocation
> - Vcard4 support
> - SASL2 authentication
> - OTR support
> - Full encryption between the servers (https://xmpp.net/list.php)
> - and so on…
i dunno, but xml based protocol (attack surface), geolocation (privacy),
video/audio conferencing (traffic analysis), etc are all attributes i do not
want in a secure communication protocol and a protocol that supports these is
considered bloated. also the huge amounts of known/guessable plaintext in xmpp
are quite worrisome. i agree NIH is bad, but xmpp is as bad for a post-snowden
adversary model.
--
otr fp: https://www.ctrlc.hu/~stef/otr.txt
More information about the cypherpunks
mailing list