From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Mct3v-0002Kq-5H for garchives@archives.gentoo.org; Mon, 17 Aug 2009 03:39:11 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 872B3E0439; Mon, 17 Aug 2009 03:39:09 +0000 (UTC) Received: from mail-fx0-f211.google.com (mail-fx0-f211.google.com [209.85.220.211]) by pigeon.gentoo.org (Postfix) with ESMTP id 49A53E0439 for ; Mon, 17 Aug 2009 03:39:09 +0000 (UTC) Received: by fxm7 with SMTP id 7so2273308fxm.10 for ; Sun, 16 Aug 2009 20:39:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type; bh=JTheSN6UONGD1afXtYgi4BnaGxrgqHTgTEcmX3vZfL4=; b=LG/qiHcaB+mq7hkKBI/O2FqQxAJ5OW9rEMppvru9u370wgnkTxa/K1xz7FA1AESKS8 6INsyvC4wboBSYq+Ixl9mBBj0Rv3Bfzdf0FO7Zes7FhCMbaUHpFiQqsz0xorfnK57mAT ZXZTloLzW/KpFYpTN4ikYX0WfpQidb8jbDU0c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type; b=O3f0FyldqEhPIreJVVo9+bxREj2C/wsqky2uYOQXoOnqLQNqSXeu17FJeoIEZIacrm AlQk0dSy2vI17RvZfwN/h825swJU1XkSu9Oum9K0jmtDdKn6IwdMme0Rvo8mzkCjBV/8 wcgQ2CHtoNyuhrOAwNvvKUMuvhjghHgiQHRfI= Received: by 10.103.242.20 with SMTP id u20mr1145852mur.0.1250480348662; Sun, 16 Aug 2009 20:39:08 -0700 (PDT) Received: from malediction (wall.mplik.ru [195.58.1.141]) by mx.google.com with ESMTPS id 25sm16914143mul.23.2009.08.16.20.39.05 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 16 Aug 2009 20:39:06 -0700 (PDT) Date: Mon, 17 Aug 2009 09:38:53 +0600 From: Mike Kazantsev To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Network message encryption Message-ID: <20090817093853.5f96b00f@malediction> In-Reply-To: <9c74dfeb0908161919t4703bfb5u42bfb799da58f11@mail.gmail.com> References: <9c74dfeb0908161919t4703bfb5u42bfb799da58f11@mail.gmail.com> X-Mailer: Claws Mail 3.7.2 (GTK+ 2.14.7; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/dTUIkUCvKr2jj5Ptb_tpp7K"; protocol="application/pgp-signature" X-Archives-Salt: 0ef868e7-8310-4290-8fb5-d5b7725ecc7f X-Archives-Hash: 07efe0cfda80814aae36255a9b4e38f2 --Sig_/dTUIkUCvKr2jj5Ptb_tpp7K Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 17 Aug 2009 04:19:35 +0200 Xianwen Chen wrote: > I'm looking for a network message encryption method. Please kindly > tell me if you know any Instant Messenger which supports encryption. > Thank you very much! I'm using gajim with TLS-enabled (transport-level encryption) connection to the servers and built-in GPG plugin to encrypt messages, containing some auth info, which I occasionally have to pass. I believe pidgin also had support for such feature via one of the standard plugins. TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at the server in question, so it can intercept / mangle the messages, so it might be good idea to prefer large and reliable servers to possibly-compromised or malicious small ones. Furthermore, in case of XMPP, your (source) server is free to pass the message in unencrypted form to destination server, so message can be caught by any IP-sniffers on the route. Then there's also remote client connection, which can be unencrypted (no TLS/SSL) and likewise intercepted on TCP/IP level. GPG encryption requires clients on both sides to support it, but has benefit that all cryptographic operations are happening on client machines, so server (or any intermediate host) is unable to spoof conversation, provided the encryption (GPG) keys aren't compromised. --=20 Mike Kazantsev // fraggod.net --Sig_/dTUIkUCvKr2jj5Ptb_tpp7K Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEARECAAYFAkqI0NEACgkQASbOZpzyXnFDqQCgub8gSv1yF1H5Ea4RevOEy8s9 ougAoL4CWgxgCZkkLY+akiZYbNARf/Mh =+/Z0 -----END PGP SIGNATURE----- --Sig_/dTUIkUCvKr2jj5Ptb_tpp7K--