[Standards] Account Management protoXEP

Dave Cridland dave at cridland.net
Wed Nov 9 14:14:55 UTC 2011


On Wed Nov  9 13:52:06 2011, Jehan Pagès wrote:
> Re-reading a little this topic before passing to council vote, I add
> my voice to this point too! That's another good reason why ad-hoc
> commands are probably not adapted. The more I think about it, the  
> less
> I think ad-hoc fits password modification (or account creation).
> Ad-hoc is a great feature but is too generic for being secure (in  
> its
> current state in particular, but in general too) and credentials are
> typically a part of the protocol which needs special care 

I'd be willing to entertain this, except that account registration in  
particular is highly variable from site to site.

For changing passwords, on the other hand, I don't see a need to  
change from XEP-0077.

> (not showing
> the password in the GUI for anyone overseeing over the user's
> shoulder; specific processing and encryption before passing through
> the wire from client to server; never be actually known, if possible
> like for SCRAM, not even to the user's server, because users tend to
> have the bad habit of using the same password everywhere, etc.).
> 
> 
We can't do this here. It's not an impossible concept, but the place  
to define such a standards would be in the IETF's Kitten working  
group, not here. (In case anyone wonders, Kitten = "Son of Cat"; Cat  
= "Common Authentication Technologies".)

If this were to happen, then (and only then) there's be a compelling  
reason for password changes to run through something different.

> I really think we need a specific protocol. I am ready to accept a  
> lot
> of remarks and edit the XEP, we can discuss how to improve and
> simplify/secure/enhance/modify the protocol accordingly, or even
> divide whole part of the XEP if really needed (for instance some
> people wondered whether we should not split registration and
> management part; I could make 2 XEPs for this). But let's have a
> secure approach and not stay in our current "all in plain text,
> without any precaution nor specific GUI" approach.

Registration I think has to be highly flexible, and that to me  
suggests a well-known ad-hoc command.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade



More information about the Standards mailing list