[Standards-JIG] The Great Encryption Debate

Peter Saint-Andre stpeter at jabber.org
Thu Aug 11 18:48:17 UTC 2005

I've just reviewed the entire discussion thread and here's what I see so 

First, there are two separate problems in this space:

    1. Associating a key or certificate with a JID
    2. Using that key or cert to encrypt XMPP communications

Both RFC 3923 and JEP-0027 punted on (1). In effect JEP-0116 does also. 
We need to define one or more methods for passing around keys in-band 
(naturally people could also use out-of-band methods, some of which may 
be more secure than others). I like the general form of David Chisnall's 
proposal to re-use existing contact lists, but we'd need to define that 
more fully. Other options are to settle on one or more root certificate 
authorities, which might include setting up the JSF as a CA for the XMPP 
network or including JIDs in certificates received from CAcert and other 
CAs. Personally I'd prefer something distributed over something 
centralized for many reasons (though a hybrid distributed web of trust 
plus centralized CA might also work -- that's what CAcert is).

We don't yet have consensus on (2). JEP-0116 looks complex and folks 
would like to find ways to simplify it. Ian Paterson points out that it 
wouldn't look so complex if we had a library people could embed in their 
applications, as they do now for things like SSL and PGP. But then we 
have interoperability through monopoly as opposed to interoperability 
through transparency. One path to simplifying JEP-0116 might be to 
settle on a small set of mandatory-to-implement technologies and also to 
limit the number of available options for various parameters. I have not 
seen much enthusiasm for RFC 3923 (especially given the dependency on 
non-existent CPIM parsers), nor for JEP-0027. Does anyone want to write 
a proposal that uses xmlenc?

In general, I think it would be best to develop e2e security solutions 
that leverage what is distinctive about IM applications (especially XMPP):

    1. rosters
    2. presence
    3. sessions

So I'd love to see a key-sharing protocol that re-uses rosters in 
something like the way that David outlined, and I'd be happy to help 
define that. I also continue to think that online communications are 
more important than offline communications, although I don't have 
objections to developing something like the offline DH exchange that Ian 
outlines in JEP-0116. And I prefer the session-oriented nature of 
JEP-0116 to object-oriented encryption. However, these are just my opinions.

The next steps include working on the key-sharing protocol(s) and 
clarifying/simplifying JEP-0116. Additional problems include figuring 
out how the session-oriented approach would work for one-to-many and 
many-to-many communications such as pubsub and groupchat (if at all).

And I'm sure I've missed a few things, so feel free to correct me where 
I'm wrong. :-)


Peter Saint-Andre
Jabber Software Foundation