[Security] Gajim 0.12's E2E encryption UI

Dirk Meyer dmeyer at tzi.de
Sat Aug 23 04:01:46 CDT 2008


Justin Karneges wrote:
> On Friday 22 August 2008 15:34:24 Pedro Melo wrote:
>> As for UI for the SAS exchange, I'm partial to the use of the
>> Mnemonic encoder with a GUI like this: http://mooseyard.com/Jens/
>> 2008/04/cloudy-verification/ (page down, about three or four screens).
>
> I was wondering when I'd finally see something like this!  I've long thought 
> that a good solution for fingerprint verification would be to ask the user 
> for the fingerprint rather than to simply display it.  The approach Jens uses 
> is the same fundamental idea: intentionally withhold information and force 
> the user to do work.
>
> Sure, it's really annoying to have to do any kind of work, but I do think this 
> approach could succeed as long as it is possible to skip the validation.

This should be possible. A client could accept any certificate using
TLS even unknown. The TLS handhake is complete and the client knows it
is connected with someone with the fingerprint x. This is as secure as
SAS unless you verify the key. You can do that later. It is just a
matter of the implementation if it accepts unknown certificates or not.

> People just want to get things done.  If you say "verify this code" and you 
> show them the code, and the only options are to proceed with a verified code 
> or not proceed at all, then people are just going to lie to your software and 
> press "okay" (see SSH). 

Yes, I never check ssh keys on first connection. I only check stuff if
the keys was changed later.


Dirk

-- 
In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.


More information about the Security mailing list