[Standards-JIG] XMPP trust diameter

Peter Saint-Andre stpeter at jabber.org
Tue May 30 19:39:11 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jean-Louis Seguineau wrote:
> Thanks Peter,
> 
> Hal was actually saying in his post that trust would go away as soon has
> there is a hop on the path of a stanza. This is what I was referring to when
> asking if the trust was invalidated as soon as a stanza was leaving one's
> home server. You seems to have a different opinion, can you expend slightly?

I don't see a strong reason why trust should go to zero as soon as I go
outside my "home" domain (or why trust should be maximal in my home
domain). Right now we use all sorts of implicit guidelines to determine
how much we might trust another domain -- its use of SSL/TLS, whether
its certificates are self-signed or issued by a CA, whether it has a
website that seems to be legitimate, whether its privacy policies are
acceptable, whether people I trust recommend it, whether it's a trusted
brand, etc. Not all of those may be *good* rules of thumb, but we do use
them.

> I agree with the pragmatic approach of making it harder for spammer by
> increasing the cost of them using an XMPP network. I have been sold on this
> approach for years. Moreover, I see the subtle difference you introduce by
> saying "fast enough": you do not eradicate spam, you just route it on
> another network ;)

Exactly.

> More seriously, I believe TLS is only part of an answer to making XMPP more
> "trustworthy", which is why I am particularly interested by what is covered
> in the "etc" of your last section. To me "trustworthy" carries some idea of
> "being acceptable". Are you saying we could bring an XMPP network to an
> acceptable level of trust without resorting to the heavy artillery used in
> other web applications? If so, that would be a more than acceptable
> achievement, and a decisive advantage.

I agree that TLS is not the only answer. Other factors that might
contribute to greater trust in the open XMPP network would include
end-user certificates, end-to-end encryption, reputation systems,
greater hop-to-hop reliability, and distributed monitoring of the
network (resulting in better metrics of network reliability). I'm sure
there are more.

Peter

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEfJ9fNF1RSzyt3NURAt57AKCcw/a2xxmjzldVy3iNNBOurthddQCg16ef
XxcElkeSXWn5+n0lOhSfeOY=
=lvso
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060530/d3755241/attachment.bin>


More information about the Standards mailing list