Direct End to End Secure Chat Protocol: Difference between revisions

 
The SixChat messaging protocol was created by Lawrence E. Hughes, co-founder and CTO of Sixscape Communications, for their SixChat Internet application software. The new protocol allows two SixChat User Agents to connect directly, perform mutual authentication with X.509 client digital certificates and then securely exchange a symmetric session key (for encryption of all content). SixChat uses the company’s [[Identity Registration Protocol]] (IANA assigned port 4604) for address registry and retrieval, as well as [[Public Key Infrastructure]] functions (to obtain and use client digital certificates).
 
End2End Direct messaging requires globally routable ("public") IP addresses for all nodes involved. It is incompatible with NAT (Network Address Translation). It can work within a private internet (a subset of the IPv4 Internet that uses a flat address space with no NAT), or between any two nodes on the public IPv6 Internet. NAT blocks unsolicited incoming connections, so any user-to-user messaging behind NAT must go through intermediary servers.
 
It would be possible to use DNS for nodename resolution (mapping nodenames to IP addresses) in End2End Direct messaging, but DNS is increasingly insecure, has no per-user authentication for registering or updating records, and changes take a long time to propagate. IRP provides a highly secure address registry with per-user authentication (usually X.509 certificate based Strong Client Authentication), and registered information is available immediately.
 
The SixChat End2End Messaging protocol is a stream protocol (TCP based, connection oriented). It cannot be secured with TLS, which is an inherently Client/Server technology. It provides mutual strong authentication using only X.509 client digital certificates (no server cert involved), and symmetric session key exchange (via public/private key encryption or Ephemeral Diffie-Hellman Key Exchange). It is based on the design of TLS, but is not Client/Server; rather, it runs between peers. Unlike TLS, it lies entirely within the Application Layer, and its messages are XML based.
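The following Go program is an added illustration of the peer-to-peer handshake described above; it is example code written for this page, not SixChat's implementation or message format. Each peer holds an X.509 certificate and its private key, sends an XML Hello carrying the certificate, an ephemeral ECDH share and a signature binding the share to the certificate, verifies the other side's certificate against a trusted root before trusting anything in the message, and then derives the session key from the ephemeral exchange. The element names, the digest construction, SHA-256 as a stand-in KDF, and the self-signed certificates (each peer trusts only the other's certificate, in place of the CA that SixChat's PKI functions would supply) are all assumptions of the example.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/xml"
	"errors"
	"math/big"
	"time"
)

// Peer is one User Agent's identity: an X.509 certificate (self-signed, constructed for this example) and its key.
type Peer struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

func NewPeer(name string) (*Peer, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotAfter: time.Now().Add(24 * time.Hour), BasicConstraintsValid: true, IsCA: true}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, err }
	cert, err := x509.ParseCertificate(der)
	return &Peer{Cert: cert, Key: key}, err
}

// Hello is a hypothetical XML handshake message (element names are assumed, not SixChat's).
type Hello struct {
	XMLName xml.Name `xml:"Hello"`
	Cert    string   `xml:"Cert"`   // base64 DER certificate of the sender
	EphPub  string   `xml:"EphPub"` // base64 uncompressed P-256 ephemeral DH share
	Sig     string   `xml:"Sig"`    // base64 ECDSA signature over helloDigest
}

var b64, unb64 = base64.StdEncoding.EncodeToString, base64.StdEncoding.DecodeString

// helloDigest binds the ephemeral share to the sender's certificate, so a share cannot be reused under another identity.
func helloDigest(certDER, ephPub []byte) []byte {
	d := sha256.Sum256(append(append([]byte{}, certDER...), ephPub...))
	return d[:]
}

// MakeHello: fresh ephemeral ECDH key, its share signed with the certificate key so an on-path party cannot swap it.
func (p *Peer) MakeHello() (*ecdh.PrivateKey, []byte, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	pub := eph.PublicKey().Bytes()
	sig, err := ecdsa.SignASN1(rand.Reader, p.Key, helloDigest(p.Cert.Raw, pub))
	if err != nil { return nil, nil, err }
	msg, err := xml.Marshal(Hello{Cert: b64(p.Cert.Raw), EphPub: b64(pub), Sig: b64(sig)})
	return eph, msg, err
}

// VerifyHello (receiver): chain the certificate to the trusted root, check the signature, then accept the share.
func VerifyHello(msg []byte, root *x509.Certificate) (*ecdh.PublicKey, error) {
	var h Hello
	if err := xml.Unmarshal(msg, &h); err != nil { return nil, err }
	certDER, e1 := unb64(h.Cert)
	ephPub, e2 := unb64(h.EphPub)
	sig, e3 := unb64(h.Sig)
	cert, e4 := x509.ParseCertificate(certDER)
	if err := errors.Join(e1, e2, e3, e4); err != nil { return nil, err }
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil { return nil, err }
	pk, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pk, helloDigest(certDER, ephPub), sig) { return nil, errors.New("bad Hello signature") }
	return ecdh.P256().NewPublicKey(ephPub)
}

// SessionKey hashes the ECDH secret with both shares in canonical order (SHA-256 stands in for a real KDF).
func SessionKey(mine *ecdh.PrivateKey, theirs *ecdh.PublicKey) ([]byte, error) {
	secret, err := mine.ECDH(theirs)
	if err != nil { return nil, err }
	a, b := mine.PublicKey().Bytes(), theirs.Bytes()
	if string(a) > string(b) { a, b = b, a }
	d := sha256.Sum256(append(append(secret, a...), b...))
	return d[:], nil
}

// Handshake runs both peers in-process, each trusting only the other's certificate, and reports whether the two independently derived session keys agree.
func Handshake(a, b *Peer) (bool, error) {
	aEph, aHello, e1 := a.MakeHello()
	bEph, bHello, e2 := b.MakeHello()
	if err := errors.Join(e1, e2); err != nil { return false, err }
	bShare, e1 := VerifyHello(bHello, b.Cert) // a authenticates b
	aShare, e2 := VerifyHello(aHello, a.Cert) // b authenticates a
	if err := errors.Join(e1, e2); err != nil { return false, err }
	ka, e1 := SessionKey(aEph, bShare)
	kb, e2 := SessionKey(bEph, aShare)
	return e1 == nil && e2 == nil && string(ka) == string(kb), errors.Join(e1, e2)
}
```

Calling `Handshake(NewPeer("alice@example.test"), NewPeer("bob@example.test"))` returns true with no error. The order of checks in `VerifyHello` is the security-relevant design choice: the certificate is chained to the trusted root before its public key is used for anything, and the signature covers both the certificate and the ephemeral share, so a message whose certificate is untrusted, or whose share was substituted in transit, is rejected before any key material is derived. A fresh ephemeral key per handshake gives forward secrecy; the long-term certificate key only signs.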
 
{{uncategorised|date=April 2015}}{{stub}}