[Standards] RFC 3923 (e2e with S/MIME) and OpenPGP

Peter Saint-Andre stpeter at stpeter.im
Tue Jul 16 17:30:13 UTC 2013


On 7/16/13 4:27 AM, Carlo v. Loesch wrote:
> On Tue, Jul 02, 2013 at 09:32:50AM +0200, Daniele Ricci wrote:
>>> (1) Matt's work on draft-miller-xmpp-e2e (2) OTR (potentially
>>> with future enhancements to make it more XMPP-friendly)
>>> 
>>> Some energy is going into both of those (Paul Wouters and I
>>> plan to sync up at the IETF meeting at the end of July to work
>>> on an Internet-Draft providing informational documentation
>>> about OTR). Since you seem to care about this issue, your
>>> feedback would be welcome.
> 
> Both of these approaches do not protect meta-data (who is talking
> to whom) and allow for statistical attacks on the packets (guess
> what's inside by the size etc).

Neither OTR nor Matt's approach claims to protect metadata.

> More advanced forms of e2e messaging could be torchat and
> retroshare, although I'm not sure they provide forward secrecy.

I'm sure other approaches will be emerging soon, given recent events.

> Since XMPP isn't suitable for keeping meta-data private I would
> presume that e2e privacy is out of scope for this mailing list,
> really.

True.

> No comment on heml.is except that there is a solid lack of
> competence in its design. You don't do e2e with pgp over servers.
> That provides neither meta-data privacy nor forward secrecy.
> 
>> Sure! Because my needs are "mobile-oriented", I have to implement
>> some e2e solution that works when both users are online or not
>> (something like offline-storage OTR?). Of course an "offline"
>> solution is less
> 
> That's the point in OTR: It does a DHE for forward secrecy, but
> that is only possible when both sides are online. What you can do
> for offline messages is to choose between these options:
> - Make the forward secrecy less "perfect" by keeping a DHE alive
>   until both parties are online at the same time again for
>   renegotiation.
> - Use PGP until both are online again, but then warn the user that
>   the message can be decrypted by authorities if his or her device
>   gets seized by police.
> 
>> safe than an online one, but of course there might be a
>> compromise (warning the user that e.g. forward secrecy might be
>> compromised because recipient is offline might be an option).
>> Anyway, please keep this in mind when you discuss your new
>> Internet-Draft.
> 
> Yes, and you should also warn the user that if her smartphone
> still has the factory operating system there may already be an NSA
> backdoor in place before even installing any communications
> software.
> 
> IMHO the only way to offer a confidential e2e communications
> experience over smartphones is by offering an operating system
> replacement with a built-in onion routing messaging layer, be it tor,
> retroshare or gnunet. XMPP is no longer appropriate for this
> scenario.

Life was different back in 1999 and we were all more innocent.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/




