[jdev] manifesto 0.4
holler at ahsoftware.de
Thu Nov 7 21:07:20 UTC 2013
On Thu, Nov 07, 2013 at 08:53:38AM -0800, Matt Miller wrote:
> On Nov 7, 2013, at 7:20 AM, Alexander Holler <holler at ahsoftware.de> wrote:
> > I think a realistic solution is to show users the state of their
> > communication and therefor make the aware of the fact if e.g. a message
> > is believed to have traveled secure or unsecure ways.
> > That's already mentioned in the manifesto and I like that a lot.
> > A possible solution could be to add an attribute to messages (or all
> > stanzas) which details the used communication way and the used
> > encryptions to transport that message/stanza. I don't know if such was
> > already written down in an XEP, but I would like that a lot.
> That has came up in some side discussions at the IETF meeting in Vancouver.
> XEP-0334, while specifically for <message/> stanzas today, might be able to
> provide such a flag (e.g., <require-tls/> or some such).
Thanks for pointing me at that XEP. Looks nice. But I meant it more in a
documentary way, something like (multiple) <received-through encryption=foo trust=bar/>
where trust is something to qualify to certificate and encryption is obvious.
That would not help against weak encryption, but it would make users aware that
the transport for the message was believed to be trustworthy or not. Currently
a user has no chance to see what way a stanza took.
In regard to this, even e-mail is better (at least when one looks at the
headers). Of course, to make it really usefull, xmpp-clients will have to display
something like a level of trust/encryption for every message. Usually that level
would be the lowest one of those <received-through/>. And how to transform that
into something like (easy to read by normal people) "trust-points", could be
specified by an XEP. Here I would suggest to make 0 the lowest number of trust/encryption
with no upper limit. So if some new strong encryption would appear, it just would
get a (possible new) number higher than those of the existing encryptions.
The point here is to make it easy for users to spot if they used weak encryption
without the need to be an expert in encryption. That would help to make people
more sensible in regard to weak transports, because they would be able to see
it without having to look at complicated headers, stanzas or attributes.
More information about the JDev