[Security] PGP (XEP-0027)

Justin Karneges justin at affinix.com
Wed Jun 3 03:08:37 CDT 2009


On Wednesday 03 June 2009 00:50:23 Simon Josefsson wrote:
> Justin Karneges <justin at affinix.com> writes:
> > In contrast, draft-meyer-xmpp-e2e-encryption-01 specifies that passwords
> > should be used natively in TLS, via the SRP extension.  This approach is
> > ideal from a protocol perspective, but comes with a high cost: developers
> > may need to rework/switch TLS libraries.  In my opinion, this is not
> > XMPP's battle.  I think being able to use "off the shelf" TLS libraries
> > is a noble goal, and one we should choose over protocol purity.
>
> Sure, but the word "somehow" is critical, and I suspect SRP may turn out
> to be the simplest way to achieve the goal.  Other alternatives include
> inventing protocols like bluetooth-pairing or ZRTP, but compared to
> those, I believe TLS-SRP is "off the shelf".  I'm not aware of well
> standardized online password-based solutions, without a trusted third
> party (think Kerberos), that have good properties except for SRP.  PSK
> based on a password has offline dictionary attack concerns.  Does anyone
> recall discussion of other options?

Do offline dictionary attacks matter? (Not that I'm advocating PSK, as I think 
that's an even more esoteric feature than SRP).  At one point, our aim was to 
have an online SAS exchange using a small, throw-away password.  Dirk: has 
this changed?

-Justin


More information about the Security mailing list