[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Wed Aug 20 13:24:30 CDT 2008


Jonathan Dickinson wrote:
>> -----Original Message----- From: security-bounces at xmpp.org
>> [mailto:security-bounces at xmpp.org] On Behalf Of Peter Saint-Andre 
>> Sent: Wednesday, August 20, 2008 7:19 PM To: XMPP Security Subject:
>> Re: [Security] TLS Certificates Verification
>> 
>> ...
>> 
>> As mentioned, the estimates I received indicated that a full 
>> cryptanalysis for ESessions would cost between $100,000 and
>> $200,000. That's not exactly chump change.
>> 
>> Feel free to raise that money yourself, but until we have some kind
>> of closure to these discussions, I am not about to approach
>> *anyone* for money. And given that I have slowly come to see the
>> logic of using TLS-over-XMPP, I am not enthusiastic about raising
>> large sums of money for an ESessions cryptanalysis. And presumably
>> anyone who might fork over $100k-$200k would do some due diligence,
>> read these discussion threads and the relevant specs, and ask why
>> we're not just using TLS-over-XMPP.
>> 
> 
> I was hoping someone else would latch onto that, I didn't really want
> to shoot down Jonathan's ideas. 

I don't think that people hand over $100k just because they latch onto 
an idea. Someone needs to sell them on it. I have already sold ESessions 
once and it didn't go so well:

http://www.xmpp.org/xsf/proposals/trust-proposal.shtml

Once bitten, twice shy.

> To me ESessions is a great idea, it's
> just that it will potentially take a while to get cryptananlysed and
> so on. Maybe if we just kept it on the back burner for now and
> concentrated on solutions besides it.

Not a bad idea. We'll focus on the low-hanging fruit of TLS-over-XMPP 
for a bit and see how that goes. We can always return to ESessions if 
that doesn't work out.

> This thread kinda reminds me of the good ol' days when I suggested
> binary XML ;).

Yum, broccoli ice cream! :)

> Maybe if everyone threw their suggestions into the thread right now
> (mentioned or not) so that we can all look at the options in front of
> us?

I think it's most productive to look at the various authentication 
models, as ekr suggested, rather than pushing for a particular technology.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080820/3498b797/attachment-0001.bin 


More information about the Security mailing list