[Standards] end-to-end encryption meeting
justin-keyword-jabber.093179 at affinix.com
Fri Nov 9 21:40:27 UTC 2007

On Thursday 08 November 2007 3:34 pm, Peter Saint-Andre wrote:
> In general, we decided (again?) that only ESessions and XTLS really make
> sense to pursue further (i.e., not OpenPGP, S/MIME, OTR, or xmlenc).

- At the meeting, Perfect Forward Secrecy (PFS) was decided to be a
requirement (maybe this same decision was made in the past, but this was the
first meeting I was involved in to witness it). This decision essentially
rules out public-key based object encryption (OpenPGP, S/MIME). Note that
this does not necessarily rule out using those formats for signing or trust

- OTR basically offers the same security features as Esessions. Both are
not proven, but Esessions fits XMPP better.

- xmlenc symmetric encryption could have been considered as a building block
for Esessions, but I assume this was already decided against.

This leaves only Esessions and XTLS to be analyzed further.

Esessions claims to do everything we want. However, it is not proven. Last
time we invited security folks to inspect Esessions, we were immediately told
to give up and just use S/MIME. We don't want to use S/MIME, because it
doesn't support PFS. However, we also don't want to give the finger to the
security community. That leaves us with one choice really: look for a
similarly proven protocol that meets our requirements. The closest match
seems to be TLS (hence, XTLS).