[Standards-JIG] Re: The Great Encryption Debate

Ian Paterson ian.paterson at clientside.co.uk
Mon Aug 8 17:42:24 UTC 2005

> The proposal using Diffie-Hellman does since Diffie-Hellman  
> is vulnerable to a man-in-the-middle attack.

As Justin said, the proposal is not vulnerable to a man-in-the-middle
attack because the (initial) Diffie-Hellman keys are signed using
private keys.

> It is not such a problem for SSH, because:
> a) SSH uses a fingerprint that can be verified offline

The "Security Considerations" of JEP-0116 recommend this and several
other methods of verifying public keys - see Section 9.3 (11.3 on v0.4)
"Verifying Keys".

> b) Someone intercepting it would have to have the ability to  
> intercept and re-write packets at the transport layer

Sorry, I didn't understand this point. Both SSH and XMPP typically run
on top of a TCP/IP connection.

All protocols, including S/MIME and PGP, have to face the same public
key verification challenges. So this list agreed last week that the
protocol for publishing keys will be split into a separate generally
applicable JEP (as soon as someone has the time to write it).

> For Jabber, it means that you have to place  
> total trust in the servers at each end.

IMHO JEP-0116 does not require the clients to trust the servers in any
way. Let me know if I have missed an issue, or if the JEP does not make
something clear.

- Ian
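The signed-key argument above, as an added example that is not part of this thread or of JEP-0116 itself: each side signs its ephemeral Diffie-Hellman value with a long-term key the peer has already verified out of band (for instance by the fingerprint methods in the JEP's "Verifying Keys" section), so a relay that swaps in its own DH value cannot produce a signature the peer will accept. The Party type, its field names and the X25519/Ed25519 choice are assumptions made for this demonstration.

```go
package main
import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Party: a long-term Ed25519 key (assumed verified by the peer) plus an ephemeral X25519 key.
type Party struct {
	SignPub  ed25519.PublicKey
	signPriv ed25519.PrivateKey
	dhPriv   *ecdh.PrivateKey
}

// SignedDH is the opening message: ephemeral DH public key plus a signature over it.
type SignedDH struct {
	DHPub, Sig []byte
}

func NewParty() (*Party, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	dh, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Party{SignPub: pub, signPriv: priv, dhPriv: dh}, nil
}

// Offer signs the ephemeral public key so the peer can bind it to this party.
func (p *Party) Offer() SignedDH {
	dhPub := p.dhPriv.PublicKey().Bytes()
	return SignedDH{DHPub: dhPub, Sig: ed25519.Sign(p.signPriv, dhPub)}
}

// Accept checks the signature against the peer's trusted long-term key before deriving the secret.
func (p *Party) Accept(peerSignPub ed25519.PublicKey, msg SignedDH) ([]byte, error) {
	if !ed25519.Verify(peerSignPub, msg.DHPub, msg.Sig) {
		return nil, errors.New("DH public key not signed by peer's long-term key")
	}
	peerPub, err := ecdh.X25519().NewPublicKey(msg.DHPub)
	if err != nil {
		return nil, err
	}
	return p.dhPriv.ECDH(peerPub)
}
```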
