[Standards] e2e privacy for XMPP Re: RFC 3923 (e2e with S/MIME) and OpenPGP

Thijs Alkemade thijs at xnyhps.nl
Tue Nov 19 00:26:07 UTC 2013


On 18 nov. 2013, at 23:49, Carlo v. Loesch <CvL at mail.symlynX.com> wrote:

> On 11/18/2013 01:53 PM, Florian Zeitz wrote:
>> On 18.11.2013 13:38, Steffen Larsen wrote:
>>> Well you can “always” run XMPP on top of TOR if you like that, if it is the S2S routing that bothers you. :-)
> 
> Not so simple.. S2S protocols expect you to have a well-defined domain name
> so it takes some tweaking to use a XXX.onion instead - especially if you'd
> like to have enhanced forward secrecy by embedding TLS: how the hell will
> you validate a .onion certificate? This would require a whole new XEP and
> a certification strategy to go with it.

Federating over hidden services requires some extra work, but it’s not that
hard. I’ve written a Prosody module for it, which can be found at [1]. Some
more background at [2].

Tor already offers forward secrecy, if I remember correctly it uses TLS with
EDH. Unless you want to assert a clearnet identity, I don't see the added
benefit of using TLS when accessing a hidden service.

For s2s, you have the same solution as with most servers currently: dialback.
.onion addresses being cryptographically verified makes this actually secure
in this case. This would work even when federating between hidden services and
normal XMPP servers (although the normal server needs Tor access, of course,
and the hidden service must keep in mind to always use Tor to dialback).

[1] = https://code.google.com/p/prosody-modules/wiki/mod_onions
[2] = https://blog.thijsalkema.de/blog/2013/06/11/xmpp-federation-over-tor-hidden-services/
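The dialback exchange the reply relies on, as an added simulation that is not part of the thread and not taken from mod_onions or Prosody. It models the three roles of XMPP server dialback (originating, receiving, authoritative) in one process; the key derivation follows the HMAC construction XEP-0185 recommends, and the DIRECTORY dictionary, the domain names and the stream ids are constructed stand-ins for name resolution (DNS, or the Tor hidden-service lookup for a .onion name). The point it makes visible is the one in the message: the receiving server never trusts the incoming connection's claimed domain, it resolves that name and asks whoever answers there to confirm the key, so the scheme is only as strong as the resolution step, which a self-authenticating .onion name makes strong.

```python
"""Simulation of XMPP server dialback (XEP-0220). Added example, not
code from the thread. Key derivation per the XEP-0185 recommendation:
    key = HEX(HMAC-SHA256(SHA256(secret), receiving + ' ' + originating + ' ' + stream_id))
DIRECTORY stands in for name resolution and is constructed for this example."""

import hashlib
import hmac
import secrets


def dialback_key(secret: bytes, receiving: str, originating: str, stream_id: str) -> str:
    """Derive the dialback key; only a server holding `secret` can produce or check it."""
    mac_key = hashlib.sha256(secret).digest()
    msg = f"{receiving} {originating} {stream_id}".encode()
    return hmac.new(mac_key, msg, hashlib.sha256).hexdigest()


class XmppServer:
    """Minimal model of one XMPP server domain and its dialback secret."""

    def __init__(self, domain: str):
        self.domain = domain
        self.secret = secrets.token_bytes(32)  # per-domain secret, never leaves the server

    # Originating role: sends <db:result/> asserting its own domain.
    def make_result(self, receiving: str, stream_id: str) -> dict:
        return {"from": self.domain, "to": receiving,
                "key": dialback_key(self.secret, receiving, self.domain, stream_id)}

    # Authoritative role: answers the receiving server's <db:verify/> request.
    def verify(self, receiving: str, originating: str, stream_id: str, key: str) -> bool:
        expected = dialback_key(self.secret, receiving, originating, stream_id)
        return hmac.compare_digest(expected, key)


def receiving_server_check(result: dict, stream_id: str, directory: dict) -> bool:
    """Receiving-server side of dialback.

    The peer that sent `result` claims to be result['from']. That claim is not
    trusted on the incoming connection: the receiving server resolves the name
    (DNS for a clearnet domain, the Tor lookup for a .onion name, both modelled
    by `directory`) and asks the server reached there to confirm the key.
    """
    authoritative = directory.get(result["from"])
    if authoritative is None:
        return False  # name does not resolve: dialback fails closed
    return authoritative.verify(result["to"], result["from"], stream_id, result["key"])


# Constructed sample deployment: one hidden service and one clearnet server.
ONION = "exampleonion.onion"          # constructed placeholder, not a real service
CLEARNET = "xmpp.example.net"         # constructed placeholder
DIRECTORY = {ONION: XmppServer(ONION), CLEARNET: XmppServer(CLEARNET)}


def honest_federation() -> bool:
    """Hidden service federates to the clearnet server; dialback succeeds."""
    stream_id = "constructed-stream-id-1"
    result = DIRECTORY[ONION].make_result(CLEARNET, stream_id)
    return receiving_server_check(result, stream_id, DIRECTORY)


def wrong_secret_rejected() -> bool:
    """A server that does not hold the .onion's secret claims that domain.

    It can only derive a key under its own secret; the receiving server
    verifies with the real authoritative server, so the check returns False."""
    other = XmppServer("other.example.org")  # constructed, not in DIRECTORY
    stream_id = "constructed-stream-id-2"
    claimed = {"from": ONION, "to": CLEARNET,
               "key": dialback_key(other.secret, CLEARNET, ONION, stream_id)}
    return receiving_server_check(claimed, stream_id, DIRECTORY)


if __name__ == "__main__":
    print("honest federation verified:", honest_federation())
    print("wrong-secret claim rejected:", not wrong_secret_rejected())
```

The check in `receiving_server_check` is where the "hidden service must keep in mind to always use Tor to dialback" remark lands: the verification connection has to go to the address the originating name actually denotes, and for a .onion name that means through Tor.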

