[Security] PGP (XEP-0027)

Justin Karneges justin at affinix.com
Wed Jun 3 02:23:30 CDT 2009


On Tuesday 02 June 2009 22:24:07 Simon Josefsson wrote:
> While I like PGP/X509 to be used, I think it is important to also
> support secure communication to happen based on a shared secret.  While
> the security industry likes to believe public key solutions will solve
> everything, what normal people understand will continue to be
> "passwords".  And it should be possible to build a secure communication
> system bootstrapped from a password.  One approach is for
> implementations to generate the X509/PGP certs on the fly, and
> authenticate them using the shared secret.

I believe the consensus is that we should support passwords, X.509, and PGP.  
So don't worry, nobody's getting left out. :)  Even the latest security spec, 
draft-meyer-xmpp-e2e-encryption-01, covers all three cases.

I do like the suggestion of generating a self-signed X.509 certificate on the 
fly and protecting it with a password somehow.  This way, every existing TLS 
library and language binding can be used to implement password-secured 
sessions.

In contrast, draft-meyer-xmpp-e2e-encryption-01 specifies that passwords 
should be used natively in TLS, via the SRP extension.  This approach is 
ideal from a protocol perspective, but comes with a high cost: developers may 
need to rework/switch TLS libraries.  In my opinion, this is not XMPP's 
battle.  I think being able to use "off the shelf" TLS libraries is a noble 
goal, and one we should choose over protocol purity.

-Justin
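
One way the "protect it with a password somehow" idea could be realised, as an added example (not code from this thread or from draft-meyer-xmpp-e2e-encryption-01): after a TLS handshake with self-signed certificates, each side sends an HMAC, keyed from the password, over the two certificate fingerprints it saw. The function names, role labels, nonce salt, PBKDF2 work factor and byte-string certificates are all assumptions; unlike TLS-SRP, a captured tag can be tested against password guesses offline, so this binding only suits high-entropy secrets.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor, not taken from the thread

def fingerprint(cert_der: bytes) -> bytes:
    """SHA-256 over the DER encoding of a certificate."""
    return hashlib.sha256(cert_der).digest()

def binding_tag(password: str, salt: bytes, role: bytes,
                initiator_cert: bytes, responder_cert: bytes) -> bytes:
    """MAC, keyed from the password, over the certificates this side saw."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    # The role label stops a tag being reflected back to its own sender.
    msg = role + fingerprint(initiator_cert) + fingerprint(responder_cert)
    return hmac.new(key, msg, hashlib.sha256).digest()

def verify_peer(password: str, salt: bytes, peer_role: bytes,
                initiator_cert: bytes, responder_cert: bytes, tag: bytes) -> bool:
    """Recompute the peer's tag from our own view of the handshake."""
    expected = binding_tag(password, salt, peer_role, initiator_cert, responder_cert)
    return hmac.compare_digest(expected, tag)

# Constructed stand-ins for the DER bytes of on-the-fly self-signed certificates.
ALICE_CERT = b"constructed-der:alice"
BOB_CERT = b"constructed-der:bob"
MALLORY_CERT = b"constructed-der:mallory"

def demo():
    salt = os.urandom(16) + os.urandom(16)  # assumed: one fresh nonce per side
    pw = "shared secret agreed out of band"
    # Honest session: both ends saw (Alice, Bob) in the handshake.
    bob_tag = binding_tag(pw, salt, b"responder", ALICE_CERT, BOB_CERT)
    honest = verify_peer(pw, salt, b"responder", ALICE_CERT, BOB_CERT, bob_tag)
    # Interception: Bob saw Mallory's certificate as initiator, Alice saw it
    # as responder, so Bob's relayed tag does not match Alice's view.
    relayed = binding_tag(pw, salt, b"responder", MALLORY_CERT, BOB_CERT)
    intercepted = verify_peer(pw, salt, b"responder", ALICE_CERT, MALLORY_CERT, relayed)
    # A peer that does not know the password cannot produce a valid tag.
    wrong_pw = verify_peer("wrong guess", salt, b"responder", ALICE_CERT, BOB_CERT, bob_tag)
    return honest, intercepted, wrong_pw

if __name__ == "__main__":
    print(demo())
```
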

