The 10.4.3 update adds encryption support to iChat. Unfortunately it only adds it for people using AIM accounts from mac.com. This is an artificial limitation, as these accounts are using the same AIM servers.
I don't know what type of encryption this uses, but I hope that it uses something compatible with the other IM encryptions (i.e. Gaim-Encryption)
[via TUAW]
For now it's .Mac to .Mac only. It actually uses certificates generated by Apple servers for .Mac users, so I don't know if it will be compatible with other clients any time soon.
ReplyDeleteIt's not an artificial limitation. Encryption requires some form of "shared secret" between the two participants, and the only practical way to set that up is with certificates containing public keys. There's no general, convenient mechanism for acquiring such certificates (both Verisign and Thawte make you pay and jump through hoops) but Apple can set one up for mac.com addresses since it assigns them.
ReplyDeleteFirst impressions suggest that .Mac users can also use their certificate for signing and encrypting messages in Mail. Unfortunately you can't encrypt your reply to them. (Possibly because the iChat certificate name isn't the complete e-mail address but just the .Mac user name).
ReplyDeleteNaturally I like the idea that .Mac users could get easy access to such certificates through this mechanism. But it doesn't really work smoothly yet.
Is it known what the requirements are for iChat to use a certificate and how to create such a certificate? Does it need special extensions or does it even need to be issued by the .Mac CA?
All this seems to be a bit unclear at this stage.