Re: [Social-p2p] P2P XMPP

[Ted Smith]

On Wed, 2010-07-14 at 16:30 +0200, Dan Brickley wrote:
> On Wed, Jul 14, 2010 at 3:30 PM, Ted Smith <address@hidden> wrote:
> > On Wed, 2010-07-14 at 09:46 +0200, Dan Brickley wrote:
> >> Hi folks
> >>
> >> Great to see this initiative; it nicely complements the
> >> StatusNet-based codebase.
> >>
> >> I wanted to float a technical possibility. There are already a few
> >> mentions of XMPP in the documentation, and in parallel other Social
> >> Web efforts are taking XMPP quite seriously. However XMPP as normally
> >> deployed typically depends on something playing a 'server' role. While
> >> there might be scenarios in which decentralised peers do more of that
> >> work, I'd like also to draw attention to "XEP-0174: Serverless
> >> Messaging".
> >>
> >> From http://xmpp.org/extensions/xep-0174.html --
> >>
> >>  "This specification defines how to communicate over local or
> >> wide-area networks using the principles of zero-configuration
> >> networking for endpoint discovery and the syntax of XML streams and
> >> XMPP messaging for real-time communication. This method uses DNS-based
> >> Service Discovery and Multicast DNS to discover entities that support
> >> the protocol, including their IP addresses and preferred ports. Any
> >> two entities can then negotiate a serverless connection using XML
> >> streams in order to exchange XMPP message and IQ stanzas."
> [...]
> > This looks really interesting - at worst, it's another transport, but I
> > think we could use it for more.
> 
> Thanks. I dropped a note to the XMPP "Social" list too,
> http://mail.jabber.org/pipermail/social/2010-July/000609.html ... both
> to seek a sanity check, and to flush out possible collaborators. I
> believe the specs around Jingle
> (http://xmpp.org/extensions/xep-0166.html) are also relevant, in that
> they're point to point. Somewhat related (and I think more
> experimental) is
> http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02
> 
>  "This document specifies "XTLS", a protocol for end-to-end encryption
>    of Extensible Messaging and Presence Protocol (XMPP) traffic.  XTLS
>    is an application-level usage of Transport Layer Security (TLS) that
>    is set up using the XMPP Jingle extension for session negotiation and
>    transported using any streaming transport as the data delivery
>    mechanism.  Thus XTLS treats the end-to-end exchange of XML stanzas
>    as a virtual transport and uses TLS to secure that transport,
>    enabling XMPP entities to communicate in a way that is designed to
>    ensure the confidentiality and integrity XML stanzas.  The protocol
>    can be used for secure end-to-end messaging as well as other XMPP
>    applications, such as file transfer."
> 
> cheers,
> 
> Dan

I've heard of XTLS; however, I don't know if it'll be necessary for us,
since we're encrypted everything end-to-end already. It might be
overkill.

signature.asc
Description: This is a digitally signed message part