[Security] client-to-client security :: Summary and todo's

Dirk Meyer dmeyer at tzi.de
Sat Aug 23 09:23:28 CDT 2008


Pedro Melo wrote:
> Hi,
>
> On Aug 23, 2008, at 2:12 PM, Dirk Meyer wrote:
>> IMHO OAuth is kind of stupid. I have to trust a server I do not
>> know. No, the point is that I can upload a certificate to my XMPP
>> server and the owner of that certificate (a bot, a client I do not
>> trust) can log in using SASL-EXTERNAL as me without having the
>> password.
>
> OAuth is not stupid. The server you do not trust is your own XMPP
> server. If you don't trust that, well, what are you doing connected
> to him?

Oops, sorry, I messed up OAuth and OpenID. My fault, ignore me.

> I can ask my XMPP server for a opaque token that I provide to my bot
> and he can use that to authenticate.
>
> Having said that, I also like your "upload-certificate" idea.

Combine OAuth with SASL for server login .... nice one. Use your XMPP
connection to generate a token and give that to the new not-so-trusted
client and it can log in with it. The client gives away its
certificate for future logins.

>>> Yes, what do we need from the server? In a perfect world I would hope
>>> not to have to go through the server apart from the Jingle
>>> negotiation? Ok, and IBB-Jingle fallback.
>>
>> In that case we need a SOCKS5 proxy or a TURN server. I prefer the
>> TURN server but we lack ice-tcp support to use it.
>
> If you can negotiate a direct TCP (or TCP-like with order guarantees)
> via ICE, much better.

Direct should be possible if only one is behind a NAT or a
firewall. If both are you need the help of a TURN server. Well, there
is STUNT (STUN over TCP) but IMHO this is a bad hack and it won't work
with all router. You could also add UPnP IGD to open a port on your
router, or the similar method apple used (I can not remember the name
right now, it is an IETF draft) or you can put a TURN server on your
router.

>> I also need the server to help me find a TURN server I can use if I
>> need one.
>
> Isn't this a problem to be solved by the Jingle specs?

Yes. On the list we only need to know that there is way to open a
stream between clients. How we do that should be discussed on the
jingle list.


Dirk

-- 
A)bort, R)etry, I)nfluence with large hammer.


More information about the Security mailing list