[Telepathy] XMPP: OpenPGP SASL mechanism
Simon McVittie
simon.mcvittie at collabora.co.uk
Wed Apr 17 08:50:40 PDT 2013
On 17/04/13 16:18, Daniele Ricci wrote:
> Other than checking the server challenge for a specific syntax, is
> there any other way to make this secure? How do I prove that client
> has the private key it claims to have?
I am not a cryptographer and you have no particular reason to trust me,
so if I tell you something that sounds as though it ought to work, you
shouldn't believe me anyway :-)
Sorry, but (several of the uses of) PGP keys are too important to be
doing non-peer-reviewed crypto with them.
As psa mentioned, RFC 6091 is an Internet standard. If Wikipedia is to
be believed, GnuTLS is the only widespread implementation at the moment.
S
More information about the telepathy
mailing list