The Author Online Book Forums are Moving

The Author Online Book Forums will soon redirect to Manning's liveBook and liveVideo. All book forum content will migrate to liveBook's discussion forum and all video forum content will migrate to liveVideo. Log in to liveBook or liveVideo with your Manning credentials to join the discussion!

Thank you for your engagement in the AoF over the years! We look forward to offering you a more enhanced forum experience.

import-bot (20211) [Avatar] Offline
#1
[Originally posted by lee, john]

Recently, I tried to make this source code work and some modification
to send encrypted messages.
If anybody tried like what I think, please give some information
about encryption.I'm not to make new algorithm or something.
Java also offers some encryption methodologys.
import-bot (20211) [Avatar] Offline
#2
Re: Message encryption
[Originally posted by iain.shigeoka]

> Recently, I tried to make this source code work and some modification
> to send encrypted messages.
> If anybody tried like what I think, please give some information
> about encryption.I'm not to make new algorithm or something.
> Java also offers some encryption methodologys.

There are two ways to get secure messaging. The first is to secure the
transport layer between client and server using SSL. This is standardized to
use port 5223 and the normal SSL socket connection. Java includes an SSL
socket implementation so you just need to use the SSL socket class rather than
the normal socket class for client/server connections.

This secures communication between client and server but does not keep
messages private once they reach the server. If you don't trust the server,
then you should encrypt the messages being sent. There is a standard for doing
so which is summarized in the protocol reference appendix of the book. Links
to more information is included there.

The Jabber Software Foundation (www.jabber.org) also has several projects
underway to standardize other methods for securing Jabber communication. This
includes some new connection security standards based on SASL. This effort is
being developed under the IETF (www.ietf.org) working group for Jabber (the
IETF name for the Jabber protocol is XMPP).

Finally, you can always introduce new subpackets of message in a unique
namespace and use any encryption method you wish. You should the W3C
(www.w3c.org) which has several XML encryption standards under development.
Most are being designed with the intention of being used in SOAP/XML-RPC and
will work well inside of Jabber <message> packets.

Hope this helps.

-iain