[Standards-JIG] XMPP trust diameter

Pavel Šimerda pavel.simerda.lists at centrum.cz
Sun May 28 20:01:04 UTC 2006


On 2006-05-25 02:07, Jean-Louis Seguineau wrote:
> I am not 'mixing' terms, Hal, just 'stating' what I have read and heard
> people saying ;)
>
> Thanks, it helps. You just confirmed some of the shortcomings associated
> with these statements. But it is bringing more questions.
>
> I recall Peter using the fact an XMPP server was rewriting the 'from' JID
> as an argument against SIP in terms of trusting the source of the message...
> In your opinion, are we saying this address rewriting increases trust? And
> if it does, are we saying this trust becomes invalid outside one's own home
> server?
>
> More generally, you seem to refer to trust as only being established
> between persons. I believe this is a bit restrictive. In your opinion, can
> we envisage a possibility to increase the trust level if we introduce a way
> for an XMPP entity to assert that the source JID of a stanza has been
> properly authenticated? Or would you say we always need to perform this
> verification against a particular context's asserting party ?
>
> Jean-Louis
>
>
> -----Original Message-----
> Message: 2
> Date: Wed, 24 May 2006 13:46:13 -0400
> From: "Hal Rottenberg" <halr9000 at gmail.com>
> Subject: Re: [Standards-JIG] XMPP trust diameter
> To: "Jabber protocol discussion list" <standards-jig at jabber.org>
> Message-ID:
> 	<b13a36870605241046t118204d4l43c09f144ac4977b at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 5/24/06, Jean-Louis Seguineau <jean-louis.seguineau at laposte.net> wrote:
> > I have seen many times on the list that XMPP is providing a greater level of
> > trust than other communication protocols. XMPP certainly claims a stronger
> > authentication than many others by the support of SASL and/or TLS.
>
> Careful, don't mix your terms here.  Trust != Authentication.  Also
> SASL and TLS are used to authenticate to a server, not another person.
>
> > My question to the list is: how far can the trust established on a user's home
> > server be extended outside this server. Or put another way, once I cross an
> > s2s link, what remains of my initial trust, and how does it decrease with
> > the number of links crossed?
>
> When hops > 1 trust = 0 in practical terms.  For example, most people
> agree that you can trust that a top-level CA has gone through some
> effort (and $$) to obtain that root certificate.  What does that mean?
>  It just means that we know who that entity is.  I'm not aware of what
> level of authenticity the CAs demand, but I do know that nothing is
> mandated by law (not that I'm proposing that it should be, eh Peter?).
>  So what you have is a group of companies who have their own rules
> about who can join.  Ok, this is starting to sound political even to
> my ears but I'm really not trying to go there.
>
> My point is this: TLS isn't a web-of-trust model, it's a hierarchical
> model.  If you trust the guy at the top, you "have" to trust everyone
> below.
>
> The closest thing that we have to trust in XMPP now would be JEP-0027
> [1], and that's just PGP/GPG bolted on top.  I don't believe it's in
> very wide usage.  (I should do a Psi user poll...)

I'm not sure either, but I am using GnuPG with Psi.

Pavel

> Besides, there is nothing in XMPP that tells me how the other end of
> the conversation authenticated.  For all I know it uses anonymous SASL
> and I'm speaking to a random visitor to a website who chose the nick
> that I see in my chat window.  Or it could be some guy telnetting to
> port 5222!
>
> I hope this helps to answer your questions.  :)
>
> [1]: http://www.jabber.org/jeps/jep-0027.html

-- 
Keep it simple... http://www.pavlix.net/
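The thread refers to two mechanisms without showing them: the home server rewriting the 'from' JID on client stanzas (RFC 3920 section 9.1.2 requires the server to add or override 'from' with the full JID of the authenticated stream), and the weaker check a receiving server can make once a stanza has crossed an s2s link, where only the domain part of 'from' can be matched against the domain authenticated for that stream. The following is an added illustration written for this archive page, not code from any participant or XMPP server; the `Session` model, the function names and the sample stanzas are constructed for the example.

```python
"""Added example: 'from' stamping on c2s stanzas versus the domain-only check
possible on s2s stanzas. Simplified in-memory model; not a real server."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

# Keep the default namespace on output instead of an ns0: prefix.
ET.register_namespace("", "jabber:client")


@dataclass(frozen=True)
class Session:
    """State of one authenticated c2s stream after SASL and resource binding.

    The bare JID is fixed by SASL authentication; the resource by binding.
    Neither can be chosen freely by the client after that point.
    """
    bare_jid: str   # constructed sample: "alice@example.org"
    resource: str   # constructed sample: "psi"

    @property
    def full_jid(self) -> str:
        return f"{self.bare_jid}/{self.resource}"


def sender_of(stanza_xml: str) -> Optional[str]:
    """Return the 'from' attribute of a stanza, or None if absent."""
    return ET.fromstring(stanza_xml).get("from")


def stamp_from(stanza_xml: str, session: Session) -> str:
    """Rewrite the 'from' attribute of a c2s stanza to the authenticated full JID.

    This is the address rewriting the thread discusses: whatever the client
    put in 'from' (or omitted) is discarded, so the value a remote party sees
    is bound to the credentials used on this stream, not to client input.
    """
    root = ET.fromstring(stanza_xml)
    root.set("from", session.full_jid)
    return ET.tostring(root, encoding="unicode")


def domain_of(jid: str) -> str:
    """Domain part of a JID: strip the resource, then the local part."""
    local_and_domain = jid.split("/", 1)[0]
    return local_and_domain.rsplit("@", 1)[-1]


def check_s2s_from(stanza_xml: str, peer_domain: str) -> bool:
    """Domain-level check available on an s2s stream.

    The receiving server knows which domain authenticated the stream (via
    dialback or a TLS certificate) but cannot re-verify the user part of
    'from'; it can only refuse stanzas whose 'from' domain does not match.
    Returns True if the stanza may be accepted, False if it should be dropped.
    """
    sender = sender_of(stanza_xml)
    if sender is None:
        return False
    return domain_of(sender) == peer_domain


if __name__ == "__main__":
    sess = Session("alice@example.org", "psi")
    # Constructed sample: client tries to claim a different sender.
    spoofed = ("<message xmlns='jabber:client' from='admin@example.org' "
               "to='bob@example.net'><body>hi</body></message>")
    print(stamp_from(spoofed, sess))
    # Constructed sample: stanza arriving over an s2s stream from example.org.
    inbound = ("<message xmlns='jabber:client' from='mallory@evil.example' "
               "to='bob@example.net'><body>hi</body></message>")
    print(check_s2s_from(inbound, "example.org"))
```

The asymmetry between `stamp_from` and `check_s2s_from` is the point of the thread: on the home server the 'from' value is tied to the SASL identity, while one hop further only the domain is verifiable and everything about the user part rests on the peer server having done its own stamping.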