[Security] XEP-0189 Update Proposal Part 1
justin at affinix.com
Sat Sep 6 17:31:25 CDT 2008
On Saturday 06 September 2008 14:21:25 Dirk Meyer wrote:
> What about signing stuff? It also uses a hash.
There is no universal signature format for X.509, as far as I know. The
closest I can think of would be a Cryptographic Message Syntax (PKCS#7)
signature, but it seems doubtful that a library called 'tlslite' would be
Most likely, tlslite is outputting a key-specific format. For example, it
could be using EMSA1 (for DSA) or EMSA3 (for RSA). Both of these formats
allow for different hash types to be used.
> quick look at the source code of tlslite looks like that the algorithm
> is encoded in the signature. Am I right?
Could be. I'm not sure how the low-level formats really work. Were you
looking at a format for DSA? I think there's one that includes the hash type
Just like with the fingerprint, I think you're going to have to either specify
the format method explicitly in the XEP, or allow the format information to
be passed along in attributes.
> > You lost me here. Who is creating this signature? Is the certificate
> > signing itself? What's the 'fingerprint' in <signature> for in this
> > case? I admit I didn't read the whole discussion. Maybe this is some
> > Web-of-Trust stuff?
So the fingerprint in the <signature> is the fingerprint of the one doing the
signing (and not the fingerprint of the signature itself, that's what had me
Another issue: X.509 already has the ability to sign certificates. You have a
User cert and a Client cert. Why have Client be self-signed, and then again
signed by User, when User (acting as a CA) could sign Client in the first
> Well, the expired is more or less useless, I agree. It is only here as
> a hint. About the revoke: can you revoke a certificate and add that
> information in the certificate? The problem is I have no CA and when a
> client gets stolen, I want to revoke the certificate. My understanding
> is that you have to check the CA for revoked keys. Without a CA I need
> something else.
The revoke would have to include a signature, otherwise you could revoke
certificates that aren't yours.
See GnuPG, where the common practice is to create a revoke message at the time
of key generation, keep it in a safe place, and then if your key is
compromised or lost then you can broadcast the revoke message to the world.
It's important to generate the revoke message before you lose your key,
otherwise you can never revoke it.
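
The signed, pre-generated revocation described in the message above, as an added example that is not part of the original post or of XEP-0189. It assumes raw Ed25519 keys in place of X.509 certificates and a hypothetical notice format (`Revocation`, `revocationMessage`, and the `revoke:` prefix are illustrative names).

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Revocation is a hypothetical notice format: it names the revoked key by
// fingerprint and carries a signature made with that same key.
type Revocation struct {
	Fingerprint string // hex SHA-256 of the revoked public key
	Signature   []byte // signature over revocationMessage(Fingerprint)
}

// Fingerprint returns the hex SHA-256 digest of the raw public key bytes.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// revocationMessage binds the signature to its purpose and to one key.
func revocationMessage(fp string) []byte {
	return []byte("revoke:" + fp)
}

// NewRevocation is run at key-generation time, while the private key is
// still available; the result is stored offline until it is needed.
func NewRevocation(priv ed25519.PrivateKey) Revocation {
	fp := Fingerprint(priv.Public().(ed25519.PublicKey))
	return Revocation{Fingerprint: fp, Signature: ed25519.Sign(priv, revocationMessage(fp))}
}

// VerifyRevocation accepts a notice only if it names pub and was signed by
// the matching private key, so nobody can revoke a key they do not hold.
func VerifyRevocation(pub ed25519.PublicKey, r Revocation) bool {
	return r.Fingerprint == Fingerprint(pub) &&
		ed25519.Verify(pub, revocationMessage(r.Fingerprint), r.Signature)
}

func main() {
	_, clientPriv, _ := ed25519.GenerateKey(nil) // constructed sample keys
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	clientPub := clientPriv.Public().(ed25519.PublicKey)
	stored := NewRevocation(clientPriv)
	forged := Revocation{Fingerprint: stored.Fingerprint,
		Signature: ed25519.Sign(otherPriv, revocationMessage(stored.Fingerprint))}
	fmt.Println(VerifyRevocation(clientPub, stored), VerifyRevocation(clientPub, forged))
}
```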