[Jingle] S5B and MUCs

Peter Saint-Andre stpeter at stpeter.im
Wed Oct 14 21:02:28 CDT 2009

Hash: SHA1

On 10/6/09 2:29 PM, Justin Karneges wrote:
> On Tuesday 06 October 2009 13:49:46 Marcus Lundblad wrote:
>> There was some discussions about the inability of using S5B (jingle or
>> SI) within MUCs, since the receiver will not see the other party's
>> actual JID, thus they will generate different "hostnames" for the stream
>> connection (SHA1 hash of SID+Iniator JID+Receiver JID).
>> Could we not just specify that the hash of the Jingle session ID (sid)
>> should be used in the case of XEP-0260?
>> This would make it unambigious as what to send and expect for both
>> parties, AFAICS.
>> Or am I missing something here?
> Obviously if we change the way to generate the hash then the problem is 
> solved.  You are not missing anything there.  I guess nobody cared to propose 
> such a solution yet.
> You propose hashing the sid instead of sid+jids.  This would fix it, but I 
> wonder what drawback that has.  Certainly the jids were hashed for a reason.

If I recall correctly, the idea was that even if a MITM gains access to
the SID, he can't fake the target's "from" address when sending to the
proxy. Using only the SID weakens the security profile a bit. Whether we
are deeply concerned about MITM attacks here is another question. Maybe
we could use the SID but specify that you should encrypt the signalling
to ensure that a MITM could not masquerade as the target. That does not
help during bootstrapping of an XTLS session, though. Another approach
would be to say that you hash either the SID+Initiator+Target or the
mere SID, and the proxy needs to check both. (Another potential security
problem is the lack of hash agility here...)


- --
Peter Saint-Andre

Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the Jingle mailing list