[Standards-JIG] Re: MUC and owner getting disconnected.

Jens Mikkelsen gyldenskjold at mail.dk
Thu Jan 13 20:17:58 UTC 2005


On Thu, 2005-01-13 at 19:34, Peter Saint-Andre wrote:
> In article <1104231587.2990.6.camel at localhost.localdomain>,
>  Jens Mikkelsen <gyldenskjold at mail.dk> wrote:
> 
> > It doesn't help me though. As I need a room that must have an owner and
> > must be restricted to whom he/her allows. ;o)
> 
This is because I was working on an encrypted MU-C room. (It is finished
by the way). In the solution the server can be compromised, so it cannot
be trusted.
The encrypted MU-C work with symmetric encyption with one secret key
that all members share. To distribute the key asymmetric encryption is
used. Because the server isn't trusted, the owner keeps a local
memberlist, so he knows who he needs to distribute keys to. (If a member
i revoked a new key is send). If the key was distributed to all on the
memberlist on the server, an attacker could change the memberlist.
So if the owner were to leave the room, theres no local memberlist and
there cannot be any key negotiation. Hence the owner question. 
(2) is not handled on the server and cannot be, as there has to be a
local list.

I thought about this protocol, when implementing:
1. An owner wants to leave the room.
2. He sends the memberlist to another member encrypted either with the
symmetric key or the asymmetric key.
3. Owner makes this member an owner.
4. As members have to know who is the owner, owner broadcasts new owner.
(signed)
5. Owner exits room.

This creates some practical problems though, so I went with the other
solution. Here the client exits the room if an owner exits the room.

> So in your room:
> 
> (1) an owner MUST always be present
> (2) only users approved by the owner are allowed in the room
> 
> #2 is addressed by members-only rooms. #1 is not addressed by the 
> current specification or implementations as far as I know, since I've 
> never heard of it as a requirement.
> 
> /psa
> 
> _______________________________________________
> Standards-JIG mailing list
> Standards-JIG at jabber.org
> http://mail.jabber.org/mailman/listinfo/standards-jig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mail.jabber.org/pipermail/standards/attachments/20050113/3ce2818d/attachment.sig>


More information about the Standards mailing list