[JDEV] silcnet.org

[Dave Waite]

I've looked at it just barely (looked at the site, read the whitepaper, 
etc)..

I think when people start to think about how to provide encryption on 
top of Jabber conference systems, it will be a good source of 
information on different ways to do it. On the other hand, I disagree 
with the amount of encryption being done by the server, and that by 
default channel communications are encrypted with a single channel key 
which is owned by the cell servers, meaning that these servers are 
trusted. Its my philosophy that the clients within the channel should 
know the identity of people they are communicating with; and that the 
clients should do the encryption of the room, based on a shared key 
generated between the clients. The Security JIG and the (hopefully 
soon-to-be-formed) Conferencing JIG would both be good places to discuss 
alternatives on this.

-David Waite

Michael Brown wrote:

>Has anyone looked at SILC?  Does it relate in any way to the Jabber
>groupchat?  Similar at all?
>I notice it claims to be secure - does this hold up, and if so is it
>anything that could be reused to improve security in Jabber?
>
>Michael.
>
>_______________________________________________
>jdev mailing list
>jdev at jabber.org
>http://mailman.jabber.org/listinfo/jdev
>