[Security] Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing

Peter Saint-Andre stpeter at stpeter.im
Sun Aug 31 11:09:17 CDT 2008


Dirk Meyer wrote:
> Pedro Melo wrote:
>> On Aug 29, 2008, at 12:43 PM, Dave Cridland wrote:
>>
>>> On Fri Aug 29 12:11:11 2008, Pedro Melo wrote:
>>>> Well, I have this thing called a roster, and some of them I
>>>> already  have certified as being the person I expect them to be.
>>>> And for some  of those, I actually trust their judgement. So why
>>>> not asking them if  they know this person? And if yes, what's the
>>>> signature they know them  by?
>>> Hmmm. A protocol allowing me to discover if another jid is on your
>>> roster?
>> interesting choice of words :), but actually is more like this:
>>
>> "Hey, I have this JID here that I want to talk to. Do you know him?
>> and if yes, can you give me the fingerprint that you know him by?"
>>
>> The JID is provided by my own free will. There is no assertion that
>> this JID is on my roster.
> 
> And even if it is: you are friends. The client could ask all contacts
> in the roster matching a trust level.

Right. I would not ask everyone in my roster (2000 people), probably 
only people who are online right now and who match a certain trust level 
(e.g., people who also have certs I've verified).

>>> Second, if I reply with a fingerprint match, I'm verifying not only
>>> the fingerprint, but that I, too, have spoken to Dirk and confirmed
>>> him, so you can run away and tell everyone we're co-conspirators.
> 
> That is how a web-of-trust works, you have to trust. If I trust you,
> you can get such informtion from me and you can trust that I verified
> the fingerprint somehow. If you think I'm a co-conspirator without
> someone else, we don't have something I would call trust. :)

Good point. :)

>> Yes, but I can't see how to ask you do confirm something for me
>> without telling you this much. Maybe someone else can.
>>
>> But I like using the Roster as a Web-of-Trust...
> 
> Roster + a reqorked version of XEP-0189. I do not want to ask all the
> people in my roster if they know you, it would be nice if you could
> give me a hint. I guess we can say that if we want to open a secure
> connection, we trust each other (even on this insecure link) that we
> are in each others roster. And for people we both trust the same would
> be true. 
> 
> 1. You give me a certificate I can not verify
> 2. I check your pubsub server XEP-0189, node: people who can verify
>    you. Access only for people in your roster. I see Pedro whom I
>    know and trust.
> 3. I check Pedro's pubsub server XEP-0189, node: people he knows. All
>    keys are signed by his key. I have his key and I'm in his roster to
>    access that information
> 4. I can verify your key
> 5. I sign your key and upload it to my pubsub server as people I know.
> 6. I tell you that I can now verify your key
> 7. You change your pubsub server and add me as someone who can verify
>    you.
> 
> Peter wants to give XEP-0189 more love, I guess this is something that
> should be in it. Also the user/client keys. When he is back I can work
> with him to add all that stuff.

Sure, let's do that. Or feel free to pull the XML out of SVN and start 
working on it. :)

/psa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6751 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080831/f02b0b73/attachment.bin 


More information about the Security mailing list