[Standards-JIG] Re: The Great Encryption Debate
theraven at sucs.org
Tue Aug 9 15:18:38 UTC 2005
On 9 Aug 2005, at 14:59, Ian Paterson wrote:
> Unfortunately Bob and Alice have to disclose part of their rosters to
This isn't really a problem, since in the method I proposed only
requires that they exchange hashes (something like MD5 or SHA) of
each JID. There is no way of getting the JID back from the hash, so
there is no way of using this to discover even the partial contents
of someone's roster unless you have a mutual acquaintance.
Since writing this, I have become familiar with the web of trust
concept employed by CAcert. This allows individuals to assure
others, which might be a slightly better model. I would have to a
bandwidth analysis of this, but it might be feasible to have a scheme
1) Alice want to establish a trust-relationship with Bob
2) Alice sends the hash of Bob's JID to everyone she already trusts
(via an encrypted session).
3) If they do not trust Bob, they repeat the procedure with everyone
they trust (up to a specified TTL).
4) Once a trusted intermediary, Charlie, has been found (i.e. someone
who has a trust-path between both Alice and Bob), they sign Alice and
Bob's pubic keys and send them on (via other trusted intermediaries
if required, each of whom adds a signature).
5) Alice and Bob now have copies of each others public keys and can
be used as intermediaries in the web of trust.
Alice and Bob can ask other mutual acquaintances to sign their keys,
giving a greater trust-score to each other. The trust score should be
inversely proportional to distance between people and proportional to
the number of trusted paths between individuals.
I came up with an idea similar to this a year or so ago, but having
seen how well it works with CAcert I am more inclined to propose it
as a solution for Jabber.
More information about the Standards