No subject

Sat Jul 10 15:26:43 CDT 2010

keys needed for end-to-end encryption via TLS.

1. Send keys over XMPP
If the user agent is required to only use e2e (and thus communicate keys)
when c2s is secure then the following requirement isn't needed.
keys are sent each time when a e2e TLS connection will be taken place, and
no caching to take place, because there is a possibly for the keys to be
transferred over an insecure channel and cached for use where there is a
secure one. Impact and attack made in the past, can still take place after
the client has switched to a secure connection.

*Automatic (great)
*secure if you trust c2s
*requires c2s

2. Allow the user to validate the certificate
*Hard, confusing to some users.
*Requires out of band communication
*user interaction is required
*increased security, doesn't rely on a 3rd party server, imagine e2e chat as
*Will work if the server goes down

I propose a mixture of both options:

Ask the user if they want to manually authenticate, by what ever method,
fingerprints, socialist millionaire protocol etc. the more the merrier.
And provide an easy and make this choice the default, an automatic
verification through the server.

This allows the user increased control over the validation process if they
want it
But also lets users do things the easy way, and still be secure.

Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

More information about the Security mailing list