Re: [Fed-Talk] security in iChat
Re: [Fed-Talk] security in iChat
- Subject: Re: [Fed-Talk] security in iChat
- From: "Walls, Bryan K. (MSFC-IS30)" <email@hidden>
- Date: Fri, 6 Feb 2009 13:33:00 -0600
On Feb 6, 2009, at 12:02 PM, Joel Esler wrote: On Fri, Feb 6, 2009 at 12:48 PM, Walls, Bryan K. (MSFC-IS30) <email@hidden> wrote: I'm trying to figure out the security characteristics of iChat. Could someone help me know if I have the following right or wrong? Text chat using AIM credentials travels over SSL. However, content goes through AOL servers and could be viewed there. Shouldn't be considered in any way secure.
So you don't want to assume Trusted operator with AOL? Check out OTR. Google "iChat OTR Plugin".
I did Google that. Looks interesting, if clunky. I hate to add yet another level version of encryption.
However, in Googling I found the following in a thread at MacOSXhints.com:
That's very interesting in principle. It must not be quite that simple, though. I matched a Common Name in an AIM account with a valid cert on my machine, and didn't get the option. I'm guessing the "email" that is your im address would have to be in your certificate, perhaps? Video/Audio chat using AIM credentials actually sets up a point to point connection between users. This is done in the clear?
Well, it's audio and video, so it's not like its text. I don't know if it's done "in the clear" or not, but even if you were able to intercept it, you'd have to reassemble it. Extremely difficult. Two paid MobileMe accounts can choose to conference securely. Users are issued MobleMe certs and all communication is encrypted end to end: text, audio, and video.
Correct. If using a secure Jabber server (such as the NASA Jabber server), text chat is secure end to end (would be visible on server, but assuming trusted operator). Video or audio chats initiated through a secure jabber server are again point to point and in the clear? Is there any way to use local PKI to secure to connection?
Again, Google the above. OTR, ichat plugin. -- Joel Esler T: 302-223-5974 (-) Gtalk: email@hidden [m]
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden