[Security] Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing

Pavel Simerda pavlix at pavlix.net
Sat Aug 30 04:09:18 CDT 2008


On Fri, 29 Aug 2008 20:26:39 +0200
Dirk Meyer <dmeyer at tzi.de> wrote:

> Pedro Melo wrote:
> > On Aug 29, 2008, at 12:43 PM, Dave Cridland wrote:
> >
> >> On Fri Aug 29 12:11:11 2008, Pedro Melo wrote:
> >>> Well, I have this thing called a roster, and some of them I
> >>> already have certified as being the person I expect them to be.
> >>> And for some of those, I actually trust their judgement. So why
> >>> not ask them if they know this person? And if yes, what's the
> >>> signature they know them by?
> >>
> >> Hmmm. A protocol allowing me to discover if another jid is on your
> >> roster?
> >
> > Interesting choice of words :), but actually it is more like this:
> >
> > "Hey, I have this JID here that I want to talk to. Do you know him?
> > and if yes, can you give me the fingerprint that you know him by?"
> >
> > The JID is provided by my own free will. There is no assertion that
> > this JID is on my roster.
> 
> And even if it is: you are friends. The client could ask all contacts
> in the roster matching a trust level.
> 
> >> Second, if I reply with a fingerprint match, I'm verifying not only
> >> the fingerprint, but that I, too, have spoken to Dirk and confirmed
> >> him, so you can run away and tell everyone we're co-conspirators.
> 
> That is how a web-of-trust works, you have to trust. If I trust you,
> you can get such information from me and you can trust that I verified
> the fingerprint somehow. If you think I'm a co-conspirator without
> someone else, we don't have something I would call trust. :)
> 
> > Yes, but I can't see how to ask you to confirm something for me
> > without telling you this much. Maybe someone else can.
> >
> > But I like using the Roster as a Web-of-Trust...
> 
> Roster + a reworked version of XEP-0189. I do not want to ask all the
> people in my roster if they know you, it would be nice if you could
> give me a hint. I guess we can say that if we want to open a secure
> connection, we trust each other (even on this insecure link) that we
> are in each other's roster. And for people we both trust the same would
> be true.
> 
> 1. You give me a certificate I cannot verify
> 2. I check your pubsub server XEP-0189, node: people who can verify
>    you. Access only for people in your roster. I see Pedro whom I
>    know and trust.
> 3. I check Pedro's pubsub server XEP-0189, node: people he knows. All
>    keys are signed by his key. I have his key and I'm in his roster to
>    access that information
> 4. I can verify your key
> 5. I sign your key and upload it to my pubsub server as people I know.
> 6. I tell you that I can now verify your key
> 7. You change your pubsub server and add me as someone who can verify
>    you.

I only hope that you don't need to repeat all this again for mail.
Please don't forget PGP integration or else we're making it more
difficult than it is!

Btw, many people already use PGP keys and web of trust and two things
are imho crucial:

1) Ability to reuse a PGP trust as XMPP-based trust.
2) Ability to reuse an XMPP-based trust as PGP trust.

> 
> Peter wants to give XEP-0189 more love, I guess this is something that
> should be in it. Also the user/client keys. When he is back I can work
> with him to add all that stuff.
> 
> 
> Dirk
> 


-- 

Web: http://www.pavlix.net/
Jabber & Mail: pavlix(at)pavlix.net
OpenID: pavlix.net
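
Steps 2 to 4 of the procedure quoted above, as an added example that is not part of the original message or of XEP-0189: the peer's "who can verify me" node is treated only as a hint, and a fingerprint is accepted only when an introducer whose key is already held has signed exactly that fingerprint for that JID. Assumptions: pubsub nodes are modelled as dictionaries, textbook RSA over two Mersenne primes stands in for a real PGP or X.509 signature, and all JIDs, fingerprints and function names are constructed for illustration.

```python
import hashlib

def toy_keypair(p, q, e=65537):
    # Textbook RSA without padding: a stand-in for PGP/X.509 signatures, not secure.
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _digest(jid, fingerprint, n):
    data = f"{jid}\x00{fingerprint}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign_entry(priv, jid, fingerprint):
    n, d = priv
    return pow(_digest(jid, fingerprint, n), d, n)

def entry_valid(pub, jid, fingerprint, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(jid, fingerprint, n)

def verify_peer(peer_jid, presented_fp, verifier_hint, trusted_keys, known_nodes):
    """Return the introducer JID that vouches for presented_fp, or None."""
    for introducer in verifier_hint:          # step 2: list published by the peer
        pub = trusted_keys.get(introducer)    # only keys I already hold count
        if pub is None:
            continue                          # the hint comes from the unverified peer
        entry = known_nodes.get(introducer, {}).get(peer_jid)  # step 3
        if entry is None:
            continue
        fp, sig = entry
        # step 4: signature must verify AND cover the fingerprint actually presented
        if fp == presented_fp and entry_valid(pub, peer_jid, fp, sig):
            return introducer
    return None

# Constructed sample data (JIDs, fingerprint and key are made up).
PEDRO = "pedro@example.org"
PEDRO_PUB, PEDRO_PRIV = toy_keypair(2**61 - 1, 2**89 - 1)
PEER, PEER_FP = "peer@example.net", "AA:11:BB:22"
NODES = {PEDRO: {PEER: (PEER_FP, sign_entry(PEDRO_PRIV, PEER, PEER_FP))}}
TRUSTED = {PEDRO: PEDRO_PUB}
HINT = ["mallory@example.com", PEDRO]

if __name__ == "__main__":
    print(verify_peer(PEER, PEER_FP, HINT, TRUSTED, NODES))        # trusted path found
    print(verify_peer(PEER, "CC:33:DD:44", HINT, TRUSTED, NODES))  # substituted key
```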

