[JDEV] General Jabber Questions
mark at mjwilcox.com
mark at mjwilcox.com
Sun Jul 30 10:02:18 CDT 2000
On 30 Jul 00, at 3:38, Schuyler Heath wrote:
>
> > 2) Is there any way in the process of adding someone to your
> > roster/requesting a subscription to find out what their nickname is?
> > I know there is a nickname field in the vCard, but for most of the
> > clients I have seen you have to make up a nickname when you are adding
> > someone. Is there an elegant way to handle this?
> >
> Clients should do a vCard lookup and use the nickname field as the
> default. But some clients don't support vCard yet.
Once we get LDAP support added and your server has the
necessary support, then the necessity of user registration will be
minimized if your users already are in LDAP.
Then their nicknames can become whatever LDAP attribute you
wish it to be (e.g. it could be their uid or their name).
>
> >
> >
> > 3) Has anyone come up with a standard client-to-client encryption
> > standard that is recommended for each client to support? I believe
> > encryption is left up to the client, but I am very worried that unless
> > this is coordinated it will result in the same insecure incompatible
> > mess that we currently have with email encryption systems. I seem to
> > remember (from years ago) that the original vCard spec included a
> > field for a public key of some sort. If we could use this to
> > implement a PGP (style) encryption method that would be very nice.
> > Maybe someone could point us to some standard Win32 libraries so that
> > we are all using the same method.
> >
> Not yet, but we are working on doing this and PGP is a definite possibility.
It should be possible to support multiple encryption standards.
VCard has been built to support more X509 (SSL certificates) than
PGP, though this is not required.
Probably best bet will be for Jabber to default to X509 (there's more
infrastructure now to support X509 than PGP such as Verisign,
Entrust, openCA,etc) but allow for optional encodings via the TYPE
parameter in the KEY attribute.
e.g.:
KEY;PGP:=BASE64_PGP
KEY;X509:=PEM (for PEM encoded X509, this is like BASE64
accept that it has a header & footer lines liek "BEGIN
CERTIFICATE")
That's standard VCARD, I'm not sure how the XML will look like
perhaps;
<key type="PEM">
....
</key>
Mark
Mark Wilcox
mark at mjwilcox.com
Got LDAP?
More information about the JDev
mailing list