[Standards-JIG] RE: Encrypted sessions

Jean-Louis Seguineau jean-louis.seguineau at laposte.net
Wed Jun 7 18:04:27 UTC 2006


That's excellent news. JEP-116 provides a very good starting point.  
I nevertheless believe it can be simplified by only keeping the "online
sessions crypto" part. 

The support for encrypted stanzas when offline is adding complexity to the
overall implementation, and increasing the security risk by mandating the
long term session keys to be "kept" on the client machine. 

If we do not do "offline crypto" then we just have to do a Diffie-Helmann
keys exchange for every new p2p session, and discard all crypto material
when a session is ended. The overall process becomes simpler, as every
session starts new, and there is no need to check if previous long term keys
have been negotiated earlier.

Jean-Louis 



-----Original Message-----
Message: 1
Date: Wed, 07 Jun 2006 10:08:06 -0600
From: Peter Saint-Andre <stpeter at jabber.org>
Subject: Re: [Standards-JIG] expiring JEPs
To: Jabber protocol discussion list <standards-jig at jabber.org>
Message-ID: <4486F9E6.6010707 at jabber.org>
Content-Type: text/plain; charset="iso-8859-1"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ian Paterson wrote:
>>> JEP-0116: Encrypted Sessions
>>>           http://www.jabber.org/jeps/jep-0116.html
>> Come on guys, we need someone to pick up the torch on E2E encryption.
> 
> This summer we should have two implementations. Jan Sembera's upcoming
> open-source library and my commercial JavaScript library. The experience
> will no doubt result in improvements to the protcol.

Yes, and it's possible that we might establish funding and/or bounties
for other implementations.

Peter

- --
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEhvnmNF1RSzyt3NURAqPcAKCMQrrn4CmWvN/wn4VzIuY24I69UwCghz6k
zzFfpn9MHHW+zRfs7aUCSbQ=
=i9Ax
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
Url :
http://mail.jabber.org/pipermail/standards-jig/attachments/20060607/4f4db0cf
/smime-0001.bin

------------------------------

_______________________________________________
Standards-JIG mailing list
Standards-JIG at jabber.org
http://mail.jabber.org/mailman/listinfo/standards-jig


End of Standards-JIG Digest, Vol 29, Issue 20
*********************************************




More information about the Standards mailing list