[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Wed Aug 20 11:30:22 CDT 2008


Jonathan Schleifer wrote:
> Peter Saint-Andre <stpeter at stpeter.im> wrote:
> 
>> Not necessarily. There's still SOCKS5 Bytestreams through a proxy, or 
>> ICE-TCP. Or you could switch to a different server. If a server admin 
>> does something that prevents e2e encryption and their users care
>> about this feature, the users will complain. And even if IBB is
>> blocked we could define yet another even simpler in-band method (even
>> "bits of binary" as defined in XEP-0231). But of course server admins
>> could block that, too. And nothing stops a server admin from blocking
>> ESessions, either!
> 
> I should be more specific here: My server only has the bandwith to
> transfer small data like text, not BLOBs. 

So we could even use XEP-0231, since we'll use that anyway for other 
purposes (emoticons, in-band images for XHTML, etc.).

> Thus I don't want Jingle IBB,
> because I never want video or files inband. But I want encryption
> inband!
> So I'm for having something not using Jingle IBB!

So we define yet another Jingle transport method (for "BoB" / XEP-0231) 
and advertise that during the negotiation. Jingle is pluggable.

> Oh, and it's possible that I only allow connections to the Jabber
> server for security reasons, so not even a proxy would work.
> 
>> Is "I" the server admin or the client user?
> 
> Both.
> 
>> In your client you don't disable IBB for everything, you disable it
>> for video and file transfer but not e2e streams.
> 
> I'm talking about server-side here.
> 
>> That's easy for a server admin to block, too.
> 
> Yes, but no need to block encryption if you just don't want huge data
> transferred via IBB. Encrypted text is not huge. But Jingle IBB is
> usually for larger stuff.

So use BoB:

<message
      from='romeo at montague.net/orchard'
      to='juliet at capulet.com/balcony'
      id='msg1'>
   <body>
     This message is encrypted. If you see this text,
     something went wrong
   </body>
   <data xmlns='urn:xmpp:tmp:bob'
         cid='f81d4fae-7dec-11d0-a765-00a0c91e6bf6 at shakespeare.lit'
         max-age='0'
         type='text/plain'>
     qANQR1DBwU4DX7jmYZnncmUQB/9KuKBddzQH+tZ1ZywKK0yHKnq57kWq+RFtQdCJ
     WpdWpR0uQsuJe7+vh3NWn59/gTc5MDlX8dS9p0ovStmNcyLhxVgmqS8ZKhsblVeu
     IpQ0JgavABqibJolc3BKrVtVV1igKiX/N7Pi8RtY1K18toaMDhdEfhBRzO/XB0+P
     AQhYlRjNacGcslkhXqNjK5Va4tuOAPy2n1Q8UUrHbUd0g+xJ9Bm0G0LZXyvCWyKH
     kuNEHFQiLuCY6Iv0myq6iX6tjuHehZlFSh80b5BVV9tNLwNR5Eqz1klxMhoghJOA
   </data>
</message>

All that changes is the namespace, but if it makes you happy we can 
define a way to do that.

>> <message
>>      from='romeo at montague.net/orchard'
>>      to='juliet at capulet.com/balcony'
>>      id='msg1'>
>>    <body>
>>      This message is encrypted. If you see this text,
>>      something went wrong
>>    </body>
>>    <data xmlns='http://jabber.org/protocol/ibb' sid='mySID' seq='0'>
>>      qANQR1DBwU4DX7jmYZnncmUQB/9KuKBddzQH+tZ1ZywKK0yHKnq57kWq+RFtQdCJ
>>      WpdWpR0uQsuJe7+vh3NWn59/gTc5MDlX8dS9p0ovStmNcyLhxVgmqS8ZKhsblVeu
>>      IpQ0JgavABqibJolc3BKrVtVV1igKiX/N7Pi8RtY1K18toaMDhdEfhBRzO/XB0+P
>>      AQhYlRjNacGcslkhXqNjK5Va4tuOAPy2n1Q8UUrHbUd0g+xJ9Bm0G0LZXyvCWyKH
>>      kuNEHFQiLuCY6Iv0myq6iX6tjuHehZlFSh80b5BVV9tNLwNR5Eqz1klxMhoghJOA
>>    </data>
>> </message>
> 
> This is ok with me.
> 
>> There's nothing special about ESessions in this regard.
> 
> Yes, the <body> is something we only added in Gajim.

Last I checked, <body/> is defined in RFC 3921. Nothing special there, 
but a good implementation note if you're sending this stuff in a 
<message/> stanza.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080820/121cae95/attachment.bin 


More information about the Security mailing list