[Standards] [Fwd: Re: [Council] Minutes of Council 2009-11-23]

Peter Saint-Andre stpeter at stpeter.im
Tue Nov 24 22:41:33 UTC 2009

On 11/24/09 3:33 PM, Peter Saint-Andre wrote:
> Forwarding to standards@ so that we can have a public discussion...
> -------- Original Message --------
> Subject: Re: [Council] Minutes of Council 2009-11-23
> Date: Tue, 24 Nov 2009 17:03:54 +0000
> From: Dave Cridland <dave at cridland.net>
> Reply-To: XMPP Council <council at xmpp.org>
> To: XMPP Council <council at xmpp.org>
> References:
> <f5aae3ec0911240353p69c37112s391a65a919d58373 at mail.gmail.com>
> <27382.1259079316.574865 at puncture> <4B0C0CE9.70107 at stpeter.im>
> On Tue Nov 24 16:42:17 2009, Peter Saint-Andre wrote:
>> And do feel free to weigh in on XEP-0249. :)
> Yes, I'll weigh in on this with a -1, I'm afraid.
> The security considerations should be referencing XEP-0045, 

So are you suggesting that XEP-0249 should simply reference XEP-0045 and
not include a security considerations section?

> but it
> also needs to draw specific attention to the fact the password is
> included in the clear, and may be intercepted.

The Security Considerations of XEP-0249 v1.1 currently include the
following text:

"In the absence of end-to-end encryption, a passive attacker could
eavesdrop on the chatroom invitations that a user sends or receives.
This is especially threatening if the invitation includes a 'password'
attribute for a password-protected room."

Is that not attention not specific enough?

> This is no more or less secure than existing mediated invitations, of
> course - all parties with the ability to snoop the password still
> have it with direct invitations.

Correct. That's one of the reasons why I don't like password-protected
rooms. Use members-only instead.

> Also, it's probably worth noting that the common alternative to
> password, being member-only rooms with the service automatically
> adding invited user to the member list, won't work as transparently
> here, so inviters shoudl send invitees both mediated and direct
> invitations.

You mean as in the current (1.1) text of the Implementation Notes?

"Before inviting a contact to a members-only room, a user SHOULD check
to see if the contact is already a member and, if not, add the contact
to the member list (or ask a room administrator to do so)."

Yes, members-only rooms are not as transparent with direct invitations
as with mediated invitations. That's the main reason we moved from
direct to mediated invitations in the first place! [XEP-0249 re-uses (or
finally documents) the ancient jabber:x:conference namespace, which was
in use with "groupchat 1.0" before MUC was invented.]


Peter Saint-Andre

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20091124/aed138a7/attachment.bin>

More information about the Standards mailing list