[Standards] end to end encryption vs. usability and feature

Peter Saint-Andre stpeter at jabber.org
Tue Feb 27 23:37:59 UTC 2007


Olivier Goffart wrote:
> Le mardi 27 février 2007, Peter Saint-Andre a écrit :
> 
>> Our protocol does not use the server to share server keys. Please read
>> the specs before you comment.
> 
> Which protocol ?
> At least XEP-0189 uses the server since all keys are sent with <iq/> that are 
> routed by the server, so the server is free to modify them.

Yes, that is a possible attack against the public (not private!) key 
storage method. The spec is currently in last call so feel free to 
review it and provide suggested text or protocol changes. By the way, 
XEP-0189 is used only for encrypting offline messages, which is not the 
main use case here (see XEP-0200 and XEP-0116 for information about 
encrypted sessions).

> And this is the same with XEP-0116 (but with <messages/>)

Sure, any given server can modify any given stanza. But you'd figure 
that out pretty quickly in OTR since it ensures integrity. At least this 
way you can know that the server is tampering with your stanzas.

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070227/f01fe9ec/attachment.bin>


More information about the Standards mailing list