[Standards] end-to-end encryption meeting

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Fri Nov 9 21:40:27 UTC 2007


On Thursday 08 November 2007 3:34 pm, Peter Saint-Andre wrote:
> In general, we decided (again?) that only ESessions and XTLS really make
> sense to pursue further (i.e., not OpenPGP, S/MIME, OTR, or xmlenc).

To explain:
  - At the meeting, Perfect Forward Secrecy (PFS) was decided to be a 
requirement (maybe this same decision was made in the past, but this was the 
first meeting I was involved in to witness it).  This decision essentially 
rules out public-key based object encryption (OpenPGP, S/MIME).  Note that 
this does not necessarily rule out using those formats for signing or trust 
bootstrapping.
  - OTR basically offers the same security features as Esessions.  Both are 
not proven, but Esessions fits XMPP better.
  - xmlenc symmetric encryption could have been considered as a building block 
for Esessions, but I assume this was already decided against.

This leaves only Esessions and XTLS to be analyzed further.

Esessions claims to do everything we want.  However, it is not proven.  Last 
time we invited security folks to inspect Esessions, we were immediately told 
to give up and just use S/MIME.  We don't want to use S/MIME, because it 
doesn't support PFS.  However, we also don't want to give the finger to the 
security community.  That leaves us with one choice really: look for a 
similarly proven protocol that meets our requirements.  The closest match 
seems to be TLS (hence, XTLS).

-Justin



More information about the Standards mailing list