[Security] PGP (XEP-0027)

Peter Saint-Andre stpeter at stpeter.im
Wed Jul 1 17:54:15 CDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 6/3/09 4:35 AM, Simon Josefsson wrote:
> Dirk Meyer <dmeyer at tzi.de> writes:
> 
>> Yes. That is some sort of problem. Another idea would be to use
>> something else inside 'security-info' to verify the certificates after
>> the TLS handshake if they are not known. This requires some sort of
>> channel bindings. The good idea to use the TLS Finished messages have
>> the same problem as SRP since it requires support in the TLS lib. A
>> different idea is to use the certificates in the channel binding
>> process: password = sha1(cert1 + cert2 + user password)
>>
>> It is possible to use SRP outside TLS for the channel bindings. As
>> already pointed out, my understanding is that SCRAM is not secure and
>> the client in the role of the TLS server can run a dictionary
>> attack. What we need it a channel binding SASL method based on SRP.
> 
> Time to restart this document, perhaps?
> 
> http://www.melnikov.ca/mel/Drafts/draft-burdis-cat-srp-sasl-07.txt
> 
> I would replace the security layer with a channel binding to TLS,
> though.

Interesting. It's 7 years old, but might be worth restarting.

Peter

- --
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkpL6RcACgkQNL8k5A2w/vxW2QCeKCyAT3y2zsmrmj32C8KnQY5O
EewAnj1MkeuWdD7vsRfPO8Pmxx6gOCFk
=xMzI
-----END PGP SIGNATURE-----


More information about the Security mailing list