[Security] e2e feedback

Peter Saint-Andre stpeter at jabber.org
Tue Mar 13 16:07:50 CDT 2007


Peter Saint-Andre wrote:
> We received some initial feedback from an IETF security guru regarding 
> encrypted sessions (XEP-0116 etc.). He thinks that, based on our 
> requirements, we could simply re-use TLS semantics in XMPP syntax rather 
> than define a completely new security protocol (which is considered to 
> be a bad idea). Essentially this would treat XMPP as the transport 
> layer, so instead of doing TLS over TCP (as we do for channel 
> encryption) we would do TLS over XMPP for encrypted sessions between 
> endpoints, where we communicate TLS primitives in XML syntax.

Well, or just stuff base64 TLS data into an XML element and hand that 
off to OpenSSL, like so:

<iq from='juliet' to='romeo' type='set'>
   <tls xmlns='urn:xmpp:xtls'>base64-data-here</tls>
</iq>

/me ponders...

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20070313/ee4a88a2/smime.bin


More information about the Security mailing list