[Foundation] Let's propose JEP-0046 (DTCP)

Jan Niehusmann jan at gondor.com
Wed Dec 4 13:52:50 CST 2002


On Wed, Dec 04, 2002 at 12:43:05PM -0600, Casey Crabb wrote:
> Currently someone who is able to listen to (but not alter) the jabber
> server connection can act as the listener for a dtcp connection and
> successfully establish the dtcp connection.

But almost anybody who can listen to the jabber stream can alter it, as
well. 

If you are on a router handling the traffic, man-in-the-middle is
trivial. If you happen to be on a network segment where you can read the
traffic, but not directly change it, you can redirect the traffic
through your own system by arp spoofing attacks.

> Some key should be sent over the dtcp connection which has to be echoed
> on the jabber connection so that you are sure either
> 1) this is the correct person    or
> 2) Someone has the capability of altering data in the jabber stream (in
> which case you can not trust anything).

A jabber user who is concerned about people hijacking his DTCP connection, 
should probably start securing his setup by using SSL on the jabber 
connection.

And DTCP can do TLS, which already includes the facility to do strong
authentication. What we are missing (IMHO) is some generic way to tie
keys (TLS certificates as well as GPG keys) to jabber IDs. 

Jan




More information about the Members mailing list