[JDEV] Re: Jabber sigs/crypto

Jeremie jeremie at jabber.org
Fri Feb 19 09:44:35 CST 1999


> > Hmmm...I'm not sure of an obvious way around this right now, but this seems
> > to be an unacceptable (to me at least) requirement...if I were a user of a
> > problem like this and was told 'yeah, type your message here, but whatever
> > you do, don't start with this particular string'...it just would give me
> > the impression that the system was somehow shoddy.  There must be one way
> > or another around it...
> 
> I agree with this. The jabber protocol is specified by xml tags, it would
> be relatively easy to simply add it as an option to a <message
> encrypted="yes"> tag. 

Well, I'd like to avoid extending the protocol for specific purposes, but
instead use the built in extension mechanisms.

A message looks like this:
<message>
 <to>jeremie</to>
 <subject>Hey!</subject>
 <say>This is just a test message.</say>
</message>

To extend it, you just have to add:
 <ext>ANYTHING CAN GO HERE</ext>

So, a signed message *could* be:
<message>
 <to>jeremie</to>
 <ext>
  <secure>
   <sig type="whatever">asdf asdg ashqrtq134643yqd</sig>
  </secure>
 </ext>
 <subject>Hey!</subject>
 <say>This is just a test message.</say>
</message>

Or, based on above, you could put just about anything you wanted between
the <secure></secure> tags.  Everything the the <ext></ext> gets passed
right through the server untouched.  I'm guessing that different projects
for different purposes will create their own little "namespace" within the
ext tags, such as the security/encryption stuff might use
<secure></secure>.

> > Yeah, so this is what I was talking about earlier...if the Jabber server
> > needs to verify a digital sig for every user as they log on, will this
> > place an unacceptable processing burden on the server's CPU?  (or in other
> > words will server scalability suck because of this processing overhead)  I
> > think I need to do some investigation into how fast verification is with a
> > variety of algorithms.
> 
> We currently verify a user based on a login name and password. Surely the
> digital signature can be incorporated into some type of password scheme.
> Verifying the digital signature shouldn't be any more computationally
> intensive than verifying a password, ideally anyway.

Well, wouldn't the digital sig used for authentication just BE the
password?  Such as:
<login>
 <user>myuserid</user>
 <pass>Q#$^@#%Yqfdgq346 My DIGITAL SIGNATURE</pass>
 <nick>My NickName</nick>
</login>

This would work GREAT, because the user/pass is fed to the module API so
you could just have an optional "secure" module that allows you to have
digital sigs as the password and authenticates the user.

Jer




More information about the JDev mailing list