[Jingle] Jingle / e2e security (1)
Earl
Large.Files at gmx.net
Wed Feb 11 05:51:25 CST 2009
I see several problems with self-generated X.509 certs.
I doubt that Joe or Suzy Normal has the ability to generate a
self-signed cert. All the average users that I know are *not*
capable of generating a self-signed cert with OpenSSL.
Skype is an "install and it just works" client. This is how
Jabber/XMPP clients also have to be.
If I remember correctly, OpenSSL defaults are miserable and need
command line flags or changes in config files. It does not matter since
SSL can be trivially broken by the MITM.
As Pavel mentioned, a container holding public keys is not magically
secure.
As long as ZRTP uses a recent and modern hash algorithm and sufficient
number of bits, the probability of it not detecting a MITM is quite low.
The average user has no problem with ZRTP and its SAS - and in my
opinion this method is preferred for Jabber/XMPP security.
It's easy to use and much more secure than X.509 / SSL while not costing
any more money or development time. SIP-COMMUICATOR just
demonstrated ZRTP this last weekend at FOSDEM 2009. They
started a demo each morning + the Audio-Video demo lasted the entire day,
non-stop. No loss of sync, no degradation, low latency, no crashes, and
great quality. Twinkle is another program with internal ZRTP.
ZRTP is here now, it is not pie-in-the-sky, it works, it is stable, it is
very easy to use even for newbies, and it offers *much* more security than
other proposals. The next version should be close to final release.
Its crypto engine is exactly what Jabber/XMPP needs to negotiate keys
for secure file transfer. Using this engine for voice, video, file
transfer, and
chat will save developer's time and result in optimum security, while making
a simple-to-use client for beginners and experts.
My 2 cents of opinion.
Earl
Peter Saint-Andre wrote:
> Stephen Pendleton wrote:
>
>> I'm not a security expert, but I would argue that on a practical level the
>> best part of zrtp is that it doesn't requre a PKI. It would be nice to have
>> a solution that didnt require a PKI (and isn't patent encumbered).
>>
>
> TLS, DTLS, SRTP, etc. do not require CA-issued certificates (in fact TLS
> can be used with Secure Remote Password or OpenPGP), but our working
> assumption is that clients would generate self-signed X.509 certs for
> users. Whether that qualifies as PKI depends on your definition.
>
> /psa
>
More information about the Jingle
mailing list