[Standards] Any protocol to request encrypted connections?

[Matthias Wimmer]

Hi Peter!

Peter Saint-Andre schrieb:
>
>> In general: I think we should start thinking about better identity 
>> verification of the destination of a XMPP link. On s2s connections 
>> using dialback we currently have NO verification, that the 
>> destination is the server we expect it to be.  An attacker, that is 
>> able to reroute a
>> connection to his own server (either by modifying the DNS entries of 
>> the destination server or by hijacking the connection at the IP 
>> layer) will get the stanzas, that are addressed to the attacked entity.
>
> Does TLS + SASL address your concern?

Depends. A client using TLS without client certificate and using SASL 
without a security layer does not address it. While e.g. a client 
authenticating using a TLS client cert would be okay.
>
>> With the currently deployed Jabber network, I think we are doing a 
>> better job in verifying that the source of a message cannot be 
>> forged, than verifying that the message is delivered to the right 
>> receipient.
>
> Well, and even when we verify the identity of the destination server, 
> we don't verify that the destination server is properly routing the 
> stanza to the intended recipient. But I'd think that encrypted 
> sessions would help here.
>

I don't want to address the usecases of e2e by my question. One of the 
use-cases I have in mind is more light-weight. I thought, that you might 
e.g. operate a company server, that can be accessed from the public 
internet as well. But some of the data you send to your clients should 
only be sent out, if the connection to the client is protected. It would 
be helpful if the sender of such information/events could just pass an 
indication, that this data should only be forwarded if the destination 
is verified.


Matthias