[Standards-JIG] Many to many e2e encryption (JEP-116)
justin-keyword-jabber.093179 at affinix.com
Tue Nov 29 19:50:39 UTC 2005
On Tuesday 29 November 2005 06:31, Kevin Smith wrote:
> On 29 Nov 2005, at 04:42, Justin Karneges wrote:
> > How so? It should be possible to send symmetrically encrypted messages and
> > negotiate session keys without the MUC service knowing the keys.
> That's the conclusion I came to. Are you trusting the MUC service to
> correctly report participants though?
I suppose that ultimately all new participants would have to be okay'd by
someone else (or everyone!) in the room so that the MUC service can't
"inject" a new user. I don't think there's anything we can do about the MUC
service ejecting someone though, that's a DoS attack that even a normal
Jabber server can perform and I'm not worrying about it.

And if all presence is secured somehow (signed?) then we shouldn't need to
trust the MUC service at all. It is just our transport layer.
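
Added example, not part of the original post and not taken from JEP-116: one way a client could enforce the two ideas above, accepting a join only when the presence is signed by the key it announces and countersigned by a member the client already trusts. The `Presence` layout, the `joinBytes` encoding, the use of Ed25519 and the room JID are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Presence is a constructed stand-in for a signed join presence (hypothetical format).
type Presence struct {
	Nick, Voucher string
	Key           ed25519.PublicKey
	Sig, VouchSig []byte // newcomer's and voucher's signatures over joinBytes
}

// joinBytes binds room, nick and key so a signature cannot be reused for another join.
func joinBytes(room, nick string, key ed25519.PublicKey) []byte {
	return append([]byte("join\x00"+room+"\x00"+nick+"\x00"), key...)
}

// Admit adds a nick to the client's own member list only after both signatures verify.
func Admit(members map[string]ed25519.PublicKey, room string, p Presence) error {
	msg := joinBytes(room, p.Nick, p.Key)
	if len(p.Key) != ed25519.PublicKeySize || !ed25519.Verify(p.Key, msg, p.Sig) {
		return fmt.Errorf("presence not signed by the announced key")
	}
	if _, taken := members[p.Nick]; taken {
		return fmt.Errorf("nick is already bound to a key")
	}
	vk, ok := members[p.Voucher]
	if !ok || !ed25519.Verify(vk, msg, p.VouchSig) {
		return fmt.Errorf("no existing member vouches for this key")
	}
	members[p.Nick] = p.Key
	return nil
}

// demo returns the result for a vouched join and for one the service relays without a vouch.
func demo() (vouched, unvouched error) {
	room := "room@muc.example" // constructed JID
	alicePub, alicePriv, _ := ed25519.GenerateKey(nil)
	members := map[string]ed25519.PublicKey{"alice": alicePub}
	bobPub, bobPriv, _ := ed25519.GenerateKey(nil)
	m := joinBytes(room, "bob", bobPub)
	p := Presence{"bob", "alice", bobPub, ed25519.Sign(bobPriv, m), ed25519.Sign(alicePriv, m)}
	xPub, xPriv, _ := ed25519.GenerateKey(nil)
	x := Presence{Nick: "injected", Voucher: "alice", Key: xPub, Sig: ed25519.Sign(xPriv, joinBytes(room, "injected", xPub))}
	return Admit(members, room, p), Admit(members, room, x)
}

func main() { fmt.Println(demo()) }
```

The member list lives only in the client, so the service can drop or withhold presence but cannot extend the set of keys the client will encrypt to.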