[Standards] Client certification: E2E
Fletcher, Boyd C. CIV US USJFCOM JFL J9935
Boyd.Fletcher at je.jfcom.mil
Thu Mar 29 21:59:18 UTC 2007
What about using the w3.org's specs for XML encryption and digital signing?
We have been using both very successfully for years over XMPP.
USJFCOM J9/SPAWAR SSC SD
M: 757.535.8190 (GSM)
M: 757.771.7084 (BB)
Sent from my BlackBerry.
From: standards-bounces at xmpp.org <standards-bounces at xmpp.org>
To: XMPP Extension Discussion List <standards at xmpp.org>
Sent: Thu Mar 29 16:51:37 2007
Subject: Re: [Standards] Client certification: E2E
Magnus Henoch wrote:
> XEP-0073 (Basic IM Protocol Suite) in its current form requires
> support for XMPP-IM, which in turn (in section 12.2) requires
> XMPP-E2E. Is that intentional? That probably means that we will not
> see any clients fulfilling the requirements for basic certification
> for a while.
Heh, I was thinking about that just the other day.
The RFC 3923 dependency was required by the IETF for publication of RFC
3921. As far as I know, there are no implementations of RFC 3923, so
theoretically it could be removed from rfc3921bis (can't validate it for
testing / advancement purposes if it's not implemented). However, I don't
think that would be acceptable to the IETF.
One solution is to develop an end-to-end encryption technology that
would be acceptable to the IETF ("XTLS" is the most likely to be
acceptable, though it might not meet all of our requirements, join the
security at xmpp.org list to talk about that).
Another is to inquire of the IETF whether they would relax the
dependency on RFC 3923. It can't hurt to inquire.
A different approach is to define XEP-0073 in a more granular fashion so
that we are testing specific feature bundles rather than compliance with
the entire spec, for instance see here:
Aside from the need to define and deploy a workable e2e technology, the
issues here are mostly political, not technical. I will discuss this
with people at the IETF as we get closer to finishing rfc3920bis and
* [In fact I think the "bis" drafts are pretty far along, I have some
feedback to incorporate on the dialback definition and I know that
something is not quite right in our use of internationalized domain
names so I need to delve into RFC 3490 to clear that up, but as far as I
know those are the only outstanding issues.]
XMPP Standards Foundation