[Operators] SSL trust in XMPP world

Dave Cridland dave at cridland.net
Thu Sep 3 10:29:59 UTC 2015

Notaries are CAs, except that a CA validation might potentially be
something beyond TOFU, and the assertion lifetime is well-defined. On the
other hand, the CA is picked by the service.

There's a number of approaches to identity validation given an X.509
certificate chain. Not all of them are valid in any particular environment.
I think that notaries are useful additions, in part because a notary system
would reduce the TOFU nature of pinning - but without pinning, it's pretty
fragile and arbitrary.

As a very specific note about Convergence, the model used by Convergence is
that endpoints are told not to worry their pretty little head about a
thing, and entirely trust the notary; this is in marked contrast to
thinking elsewhere (such as DNSSEC, PKIX itself, SCVP, OCSP, etc) where any
remote validation result is accompanied by proof, and that proof is
evaluated locally.

For example, with SCVP - which essentially matches the use-case - the SCVP
server builds the PKI chain and finds revocation status information for the
client via a number of means, but presents the completed chain and
revocation information to the client to check.

An alternative method would be to assume a number of notaries may be
compromised, and use sufficient to ensure this doesn't matter - essentially
making this Byzantine fault tolerant. (Assuming the usual notation, that'd be
2f+1, so you ensure that correct responses outnumber faulty ones). But the
problem then is that if a Notary can implement arbitrary tests, and one of
your notaries has a test which demonstrates an error on the target service,
you'd probably want to act differently.

So overall, I'd prefer to stick to pinning information, and leave the other
validation work in the client.

On 3 September 2015 at 10:19, Peter Viskup <skupko.sk at gmail.com> wrote:

> Hi all,
> we know there still are issues with CA-signed and self-signed
> certificates. Self-signed certificate was the main reason for not accepting
> our server into the list of public XMPP servers.
> From my perspective it would be great to implement XEP similar to
> Convergence [1]. That could solve at least some of the issues with
> certificates we have at the moment. In the end the CA-trust-lists would be
> removed from the clients and servers would be able to check the validity of
> certificates for s2s connections.
> Didn't dive deep into the problem, but seems promising to me.
> Anyone already thinking of or working on it?
> [1] http://www.convergence.io
> --
> Peter Viskup
> admin of jabber.sk
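As an added illustration of the two ideas in Dave's reply above (a TOFU pin store, and a 2f+1 notary quorum that only accepts a certificate when correct answers must outnumber faulty ones), here is a small model in Python. It is constructed for this page and is not code from Convergence, from any XMPP implementation, or from either poster; the hostname, the notary names and the "DER" byte strings are made-up sample data, and the notary responses are built inline rather than fetched over the network.

```python
"""Pinning plus a 2f+1 notary quorum, as a toy model (constructed example).

Assumptions: a notary answers with the SHA-256 fingerprint of the leaf
certificate it observed for the host, or with an explicit error from a
check it ran itself. No real notary protocol is implemented here.
"""
import hashlib
from collections import Counter
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class NotaryResponse:
    notary: str                     # hypothetical notary name
    fingerprint: Optional[str]      # SHA-256 hex of the cert the notary saw
    error: Optional[str] = None     # an explicit check the notary reports as failed


def fingerprint(cert_der: bytes) -> str:
    """Fingerprint of a certificate; here the 'DER' is just constructed bytes."""
    return hashlib.sha256(cert_der).hexdigest()


def quorum_size(f: int) -> int:
    """With at most f faulty notaries, 2f+1 answers guarantee f+1 correct ones."""
    return 2 * f + 1


def evaluate_quorum(presented_fp: str, responses, f: int) -> str:
    """Return 'agree', 'disagree', 'insufficient' or 'error_reported'.

    f+1 agreeing votes cannot be produced by the faulty minority alone, so
    agreement at that level means at least one honest notary saw this cert.
    An explicit error from any notary is surfaced separately, because (as the
    thread notes) a failed check on the target is not the same as a wrong vote.
    """
    if len(responses) < quorum_size(f):
        return "insufficient"
    if any(r.error for r in responses):
        return "error_reported"
    votes = Counter(r.fingerprint for r in responses if r.fingerprint)
    return "agree" if votes.get(presented_fp, 0) >= f + 1 else "disagree"


class PinStore:
    """Trust-on-first-use pins: host -> fingerprint (in memory for the demo)."""

    def __init__(self):
        self._pins = {}

    def status(self, host: str, fp: str) -> str:
        pinned = self._pins.get(host)
        if pinned is None:
            return "unpinned"
        return "match" if pinned == fp else "mismatch"

    def pin(self, host: str, fp: str) -> None:
        self._pins[host] = fp


def decide(host: str, cert_der: bytes, responses, f: int, store: PinStore) -> str:
    """Pin first; consult the notary quorum only on first use or a pin change."""
    fp = fingerprint(cert_der)
    pin = store.status(host, fp)
    if pin == "match":
        return "accept:pinned"            # no notary traffic needed
    verdict = evaluate_quorum(fp, responses, f)
    if verdict == "agree":
        store.pin(host, fp)               # quorum-backed pin replaces blind TOFU
        return "accept:quorum" if pin == "unpinned" else "accept:repinned"
    return f"reject:{pin}:{verdict}"


# Constructed sample data (not real certificates or notaries).
CERT_A = b"constructed-DER-bytes-for-jabber.example-cert-A"
CERT_B = b"constructed-DER-bytes-for-jabber.example-cert-B"
FP_A, FP_B = fingerprint(CERT_A), fingerprint(CERT_B)

# f=1: three notaries, one of which (n3) answers wrongly.
GOOD = [NotaryResponse("n1", FP_A), NotaryResponse("n2", FP_A),
        NotaryResponse("n3", FP_B)]
# Same quorum, but n3 reports a failed check of its own instead of a vote.
WITH_ERROR = [NotaryResponse("n1", FP_A), NotaryResponse("n2", FP_A),
              NotaryResponse("n3", None, error="constructed: revocation check failed")]

if __name__ == "__main__":
    store = PinStore()
    print(decide("jabber.example", CERT_A, GOOD, 1, store))   # first use, quorum agrees
    print(decide("jabber.example", CERT_A, [], 1, store))     # pinned, no notaries asked
    print(decide("jabber.example", CERT_B, GOOD, 1, store))   # pin mismatch, quorum disagrees
    print(evaluate_quorum(FP_A, WITH_ERROR, 1))               # error surfaced, not outvoted
```

The `decide` function encodes the preference stated in the reply: the pin is the primary signal and the notaries are consulted only when the pin cannot answer, which keeps the remaining validation work in the client.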