[Standards] Client certification: E2E

Peter Saint-Andre stpeter at jabber.org
Thu Mar 29 20:51:37 UTC 2007

Magnus Henoch wrote:
> XEP-0073 (Basic IM Protocol Suite) in its current form requires
> support for XMPP-IM, which in turn (in section 12.2) requires
> XMPP-E2E.  Is that intentional?  That probably means that we will not
> see any clients fulfilling the requirements for basic certification
> for a while.

Heh, I was thinking about that just the other day.

The RFC 3923 dependency was required by the IETF for publication of RFC 
3921. As far as I know, there are no implementations of RFC 3923, so 
theoretically it could be removed from rfc3921bis (can't validate it for 
testing / advancement purposes if it's not implemented). However I don't 
think that would be acceptable to the IETF.

One solution is to develop an end-to-end encryption technology that 
would be acceptable to the IETF ("XTLS" is the most likely to be 
acceptable, though it might not meet all of our requirements, join the 
security at xmpp.org list to talk about that).

Another is to inquire of the IETF whether they would relax the 
dependency on RFC 3923. It can't hurt to inquire.

A different approach is to define XEP-0073 in a more granular fashion so 
that we are testing specific feature bundles rather than compliance with 
the entire spec, for instance see here:


Aside from the need to define and deploy a workable e2e technology, the 
issues here are mostly political, not technical. I will discuss this 
with people at the IETF as we get closer to finishing rfc3920bis and 
rfc3921bis. *

* [In fact I think the "bis" drafts are pretty far along, I have some 
feedback to incorporate on the dialback definition and I know that 
something is not quite right in our use of internationalized domain 
names so I need to delve into RFC 3490 to clear that up, but as far as I 
know those are the only outstanding issues.]


Peter Saint-Andre
XMPP Standards Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070329/4bcf5f74/attachment.bin>

More information about the Standards mailing list