[Security] PGP (XEP-0027)

Brian Cully bcully at gmail.com
Thu Jun 4 18:32:52 CDT 2009


On 4-Jun-2009, at 18:34, Peter Saint-Andre wrote:
>> Just to throw a spanner in the works - we *do* have a trusted third
>> party. Jabber.org - or at least one of the user's server. Although
>> what would the ramifications be of releasing Kerberos on poor
>> unsuspecting Jabber users?
>
> I don't think that jabber.org is a trusted third party, and I'm in
> charge of jabber.org. ;-)

	Agreed. Kerberos is trusted because the protocol is solid and you own  
the Kerberos server. Everything falls apart as soon as you have to  
trust a third party (this explicitly mentioned in its documentation  
with regards to cross-domain authentication.) It's similar to signing  
someone's PGP key: you don't do it unless you *know* that person and  
key, otherwise the network security degrades.

	Proper message authentication and encryption, in my mind, is peer-to- 
peer with out-of-band verification mechanisms (particularly face-to- 
face). You can layer verification, as in PGP key signing, but this is  
also a fundamentally peer-to-peer action.

	I think, ultimately, you cannot trust the network to relay keys to be  
used on the self-same network. To do so invokes a race condition,  
whereby a man-in-the-middle can spoof a stream before it auths and  
subsequently fake the auth when it's attempted. Kerberos works around  
this by having a *trusted* third party verify all keys in the system,  
but in the Internet, at large, you cannot make those assumptions.

	Given that, perhaps the focus should be on easing key exchange and  
verification amongst peers. The verification step is particularly  
hard, since, again, you can't trust the network, but you can do things  
like short, easy to communicate signatures which can be delivered out- 
of-band trivially (think, "drunk in a bar") to something as impressive  
as audio/video feeds of the peer exchanging or verifying her key with  
you[1].

-bjc

[1] Interestingly enough, you can do this on the network where key  
exchange takes place because it uses hard-to-fake cues. It's  
ultimately less secure than when you can smell 'em across from you,  
but much better than machine-to-machine verification. It should be  
emphasized that trust is a continuum.


More information about the Security mailing list