1 |
On Mon, 17 Aug 2009 04:19:35 +0200 |
2 |
Xianwen Chen <xianwen.chen@×××××.com> wrote: |
3 |
|
4 |
> I'm looking for a network message encryption method. Please kindly |
5 |
> tell me if you know any Instant Messenger which supports encryption. |
6 |
> Thank you very much! |
7 |
|
8 |
I'm using gajim with TLS-enabled (transport-level encryption) connection |
9 |
to the servers and built-in GPG plugin to encrypt messages, containing |
10 |
some auth info, which I occasionally have to pass. |
11 |
I believe pidgin also had support for such feature via one of the |
12 |
standard plugins. |
13 |
|
14 |
TLS is widely-deployed on XMPP (jabber) servers, but encryption ends at |
15 |
the server in question, so it can intercept / mangle the messages, so it |
16 |
might be good idea to prefer large and reliable servers to |
17 |
possibly-compromised or malicious small ones. |
18 |
Furthermore, in case of XMPP, your (source) server is free to pass the |
19 |
message in unencrypted form to destination server, so message can be |
20 |
caught by any IP-sniffers on the route. |
21 |
Then there's also remote client connection, which can be unencrypted |
22 |
(no TLS/SSL) and likewise intercepted on TCP/IP level. |
23 |
|
24 |
GPG encryption requires clients on both sides to support it, but has |
25 |
benefit that all cryptographic operations are happening on client |
26 |
machines, so server (or any intermediate host) is unable to spoof |
27 |
conversation, provided the encryption (GPG) keys aren't compromised. |
28 |
|
29 |
-- |
30 |
Mike Kazantsev // fraggod.net |