Icq

Lionel Elie Mamane lionel@mamane.lu
Sun Nov 10 05:06:02 2002


--2fHTh5uZTiUOsy+g
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Nov 09, 2002 at 06:20:01PM -0500, David Shaw wrote:

> Note that the "gabber" Jabber client uses GnuPG for encryption.  I
> don't use it myself, but I have heard it is quite nice.

Yes, indeed, it works quite well, except it will silently fail if your
key is expired or such, and send empty messages to your
correspondent. Confusing at first :)

Please note that the way it does it looks open to man in the middle
attacks to me. I never checked entirely, but from its stderr output it
looks it encrypts the messages to whatever key has signed the presence
it received.

Oh, and I never had it working with a passphrase on the key. So I use
it with short-lived keys I use only for that.

> I believe the gabber folks plan to remove GnuPG support and replace
> it with something Jabber-specific.

http://gabber.sourceforge.net/manual/GABBER2.php says:

	- either remove GPG support completely
		- or switch to GPGME (assuming it actually works)
	- temas should get going on the new Jabber encryption standard
		- and we should support that primarily

--=20
Lionel
--2fHTh5uZTiUOsy+g
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj3N22AACgkQscRzFz57S3OlDwCdGFAp89hikdnElnhnYa5eM1pE
Rd4AoNDe6uy9BoNl1tdDQaACl21Jq1O4
=AZHD
-----END PGP SIGNATURE-----

--2fHTh5uZTiUOsy+g--