From: Xianwen Chen <xianwen.chen@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Network message encryption
Date: Mon, 17 Aug 2009 17:03:12 +0200 [thread overview]
Message-ID: <9c74dfeb0908170803k75cafb8exa6c41f3f204d9476@mail.gmail.com> (raw)
In-Reply-To: <20090817093853.5f96b00f@malediction>
Hi Mike,
On 8/17/09, Mike Kazantsev <mk.fraggod@gmail.com> wrote:
>
> I'm using gajim with TLS-enabled (transport-level encryption) connection
> to the servers and built-in GPG plugin to encrypt messages, containing
> some auth info, which I occasionally have to pass.
> I believe pidgin also had support for such feature via one of the
> standard plugins.
Thanks for the information. I've checked the wikipedia page of gajim.
It's very interesting, however, I'm not a jabber user. But I'll check
it again if any friend of mine is using jabber, since the GPG plugin
is very attractive to me.
Best regards,
Wen
>
> TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at
> the server in question, so it can intercept / mangle the messages, so it
> might be good idea to prefer large and reliable servers to
> possibly-compromised or malicious small ones.
> Furthermore, in case of XMPP, your (source) server is free to pass the
> message in unencrypted form to destination server, so message can be
> caught by any IP-sniffers on the route.
> Then there's also remote client connection, which can be unencrypted
> (no TLS/SSL) and likewise intercepted on TCP/IP level.
>
> GPG encryption requires clients on both sides to support it, but has
> benefit that all cryptographic operations are happening on client
> machines, so server (or any intermediate host) is unable to spoof
> conversation, provided the encryption (GPG) keys aren't compromised.
>
> --
> Mike Kazantsev // fraggod.net
>
--
Xianwen Chen
Mobile: +86 13774 228909
Email: cxi000@post.uit.no; xianwen.chen@gmail.com
next prev parent reply other threads:[~2009-08-17 15:03 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-17 2:19 [gentoo-user] Network message encryption Xianwen Chen
2009-08-17 2:47 ` Dale
2009-08-17 14:53 ` Xianwen Chen
2009-08-21 12:19 ` J. Roeleveld
2009-08-17 2:58 ` Saphirus Sage
2009-08-17 14:56 ` Xianwen Chen
2009-08-17 3:38 ` Mike Kazantsev
2009-08-17 15:03 ` Xianwen Chen [this message]
2009-08-17 11:13 ` KH
2009-08-17 11:46 ` Hinnerk van Bruinehsen
2009-08-17 15:06 ` Xianwen Chen
2009-08-17 15:05 ` Xianwen Chen
2009-08-17 17:29 ` KH
2009-08-20 0:46 ` Xianwen Chen
2009-08-17 13:09 ` Thomas Kahle
2009-08-17 15:07 ` Xianwen Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9c74dfeb0908170803k75cafb8exa6c41f3f204d9476@mail.gmail.com \
--to=xianwen.chen@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox