[JDEV] Signed Presence

David Bovill david.bovill at opn-technologies.com
Thu Aug 16 11:49:03 CDT 2001

>From the Draft Protocol...


These namespaces are used to sign and encrypt messages and presence for
end-to-end security. They are most secure when performed at the client
level, but could optionally be supported and used by a trusted server. The
crypto information is contained in the jabber:x:signed or jabber:x:encrypted
namespaces. The contents are the armor'd output from GPG or PGP, and have
all of the header and wrapper text removed (it serves no purpose within this
context). Any future additional encryption schemes other than PGP/GPG should
utilize their own namespace(s) to exchange data.

Someone please add implementation notes (gui hints, chat-level options and
suggested guidelines, etc).

Signed Presence

The status element of presence is the CDATA that is signed:

<presence from='pgmillard at jabber.org/wj_dev2' to='jer at jabber.org'>
  <x xmlns='jabber:x:signed'>

A couple of questions:

    1) In the above example is the signature generated from the text of the
entire message ( less the <x xmlns='jabber:x:signed'>.....</x> bit?

    2) If I use my own encryption scheme do I use a name space like:
        "<x xmlns='anything:I:like'>

    3) If I can't easily build in PGP/GPG into my client can I use a server
to verify the signature via messaging? In other words can someone intercept
the message and pretend to be the server? Any links on these issues would be

I'd like to include a standard way of specifying the encryption scheme,
perhaps with some secure way of obtaining the new scheme if the client does
not yet support it - sort of encryption scheme upgrade path?

More information about the JDev mailing list