[Security] PGP (XEP-0027)

Dirk Meyer dmeyer at tzi.de
Tue Jun 2 15:59:35 CDT 2009

Peter Saint-Andre wrote:
> On 6/2/09 1:56 PM, Dave Cridland wrote:
>> On Tue Jun  2 18:56:35 2009, Jonathan Schleifer wrote:
>>> What if DSA gets completely broken someday? Then we're screwed. And if
>>> we want to be algorithm-independent, we need to implement something
>>> very similar to OpenPGP anyway.
>> Or TLS.
>> Which, incidentally, can use PGP keys.
> AFAIK only GnuTLS has (experimental) support for RFC 5081

Yes. IIRC GnuTLS is the only lib with SRP and GPG support. But neither
is exposed in language bindings (except maybe guile).

>> But in any case, I don't think the crypto is actually the tricky bit
>> with single-message stuff

No. Both X.509 and OpenPGP rely on an asymmetric key pair (RSA/DSA) we
can use for the operation. So if I know your X.509 certificate I have
everything I need to encrypt a message.

>> it's formatting, since ideally you want to
>> sign everything (including <iq/>) in a way that lets those signatures be
>> ignorable to naïve actors, which is going to be a tough one to solve.
>> (Easy for messages, but impossible for <iq/> as far as I can see.)
> Some folks who said they were using XMLdsig for XMPP were lobbying me to
> relax the one-payload rule for IQs so that they could include the
> signature along with the regular payload.

IMHO XMLdsig is very scary. That is one reason why I changed XEP-0189 to
use a binary format. I have no idea how to support signatures only, but
encrypt and sign can work without XMLdsig. Just take the stanza, encrypt
it, and sign the binary data. But I admit, I'm not up to date on what
XMLdsig is doing.


Don't play stupid with me - I'm better at it!
