[Security] PGP (XEP-0027)
justin at affinix.com
Wed Jun 3 02:23:30 CDT 2009
On Tuesday 02 June 2009 22:24:07 Simon Josefsson wrote:
> While I like PGP/X509 to be used, I think it is important to also
> support secure communication to happen based on a shared secret. While
> the security industry likes to believe public key solutions will solve
> everything, what normal people understand will continue to be
> "passwords". And it should be possible to build a secure communication
> system bootstrapped from a password. One approach is for
> implementations to generate the X509/PGP certs on the fly, and
> authenticate them using the shared secret.
I believe the consensus is that we should support passwords, X.509, and PGP.
So don't worry, nobody's getting left out. :) Even the latest security spec,
draft-meyer-xmpp-e2e-encryption-01, covers all three cases.
I do like the suggestion of generating a self-signed X.509 certificate on the
fly and protecting it with a password somehow. This way, every existing TLS
library and language binding can be used to implement password-secured
In contrast, draft-meyer-xmpp-e2e-encryption-01 specifies that passwords
should be used natively in TLS, via the SRP extension. This approach is
ideal from a protocol perspective, but comes with a high cost: developers may
need to rework/switch TLS libraries. In my opinion, this is not XMPP's
battle. I think being able to use "off the shelf" TLS libraries is a noble
goal, and one we should choose over protocol purity.
More information about the Security