Thursday, July 29, 2004

.:Totally:. and Jabber

In order to communicate between instances of Totally, we'll be using the Jabber protocol. It's XML based, which is great. It also offers an SSL mode of connecting to a Jabber server, so for me, that's a good thing.

And because session ID's and digital certificates will only be known to the communicating copies of Totally, it'll make it hard for a cracker to connect to a running instance of Totally using some Jabber client. They'd have to work very hard in order to fake a connection - and what will they get even if they do? A whole stream of 128bit cryptographically secure data.

I think we're safe - but I've been wrong before.







No comments: