[Standards] OpenPGP and XEP-0027

Daniele Ricci daniele.athome at gmail.com
Fri Jul 31 08:27:30 UTC 2015

Hello Goffi,
XEP-0027 has serious security concerns, especially regarding replay
attacks and key verification (you can read those in the "Security
considerations" paragraph of the XEP). It's true that a real
replacement hasn't been drafted yet (there are some drafts, but
nothing really definitive or practical to use).
In my project I use a modified version of XEP-0027, using XEP-0189 for
key management (supervised by the server). I took an example from an
e2e RFC draft (I really can't remember the number now, sorry), which
used Message/CPIM to enforce message metadata inside the encrypted
content. That's a bit more secure than plain XEP-0027, still there are
many other attack vectors that can be used. I'll probably draft a XEP
one day.

As for making XEP-0027 obsolete, that XEP is just informative: it's
the description of a protocol that was never standardized and as I
said it had security issues from the beginning. But at the time,
security was a different thing ;-)

On Fri, Jul 31, 2015 at 10:16 AM, Goffi <goffi at goffi.org> wrote:
> G'day,
> I have a few questions about OpenPGP. XEP-0027 has been obsoleted by council
> on 26/03/2014, but I can't see any explanation.
> OpenPGP is not the best for instant messaging (and OTR is the de facto
> standard), but still it's interesting for normal messages (e.g. with an SMTP
> gateway), and signatures, and offline messages, and probably other use
> cases.
> In addition, it would be nice to have a way to link the public key.
> So why has OpenPGP been obsoleted? Is it still possible to see it coming
> back eventually through a new, more proper XEP? I don't mean to use it as the
> main e2e encryption model, but being able to use it with gateways or to
> diffuse the public key seems important to me.
> Thanks
> Goffi
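An added example (not code from this thread or from Daniele's project) of the metadata-binding idea he describes: the plaintext is wrapped in Message/CPIM headers before encryption, and on receipt the decrypted headers are checked against the outer stanza so a copy replayed later or re-addressed to another recipient is rejected. The xmpp: URI form, the freshness window, the JIDs and the function names are assumptions; OpenPGP decryption and signature verification are assumed to have run before `check_binding`.

```python
from datetime import datetime, timedelta, timezone

def build_cpim(sender, recipient, sent_at, body):
    """Message/CPIM wrapper (RFC 3862 layout): message headers, blank line,
    MIME headers, blank line, body. xmpp: URIs are an assumption."""
    return (f"From: <xmpp:{sender}>\r\nTo: <xmpp:{recipient}>\r\n"
            f"DateTime: {sent_at.strftime('%Y-%m-%dT%H:%M:%SZ')}\r\n\r\n"
            f"Content-Type: text/plain; charset=utf-8\r\n\r\n{body}")

def parse_cpim(text):
    """Split CPIM text into (message headers, MIME headers, body)."""
    head, _, rest = text.partition("\r\n\r\n")
    mime, _, body = rest.partition("\r\n\r\n")
    def headers(block):
        out = {}
        for line in block.split("\r\n"):
            if line:
                k, _, v = line.partition(":")
                out[k.strip().lower()] = v.strip()
        return out
    return headers(head), headers(mime), body

def check_binding(plaintext, stanza_from, stanza_to, now, max_age=timedelta(minutes=5)):
    """Return (accepted, reason) for plaintext recovered from the OpenPGP layer.
    Reject when the inner From/To disagree with the outer stanza (a copy
    replayed or forwarded to someone else) or when the timestamp is not fresh."""
    hdr, _, _ = parse_cpim(plaintext)
    if hdr.get("from") != f"<xmpp:{stanza_from}>":
        return False, "inner From does not match stanza from"
    if hdr.get("to") != f"<xmpp:{stanza_to}>":
        return False, "inner To does not match stanza to"
    try:
        sent = datetime.strptime(hdr["datetime"], "%Y-%m-%dT%H:%M:%SZ")
    except (KeyError, ValueError):
        return False, "missing or malformed DateTime"
    sent = sent.replace(tzinfo=timezone.utc)
    if not (now - max_age <= sent <= now + timedelta(minutes=1)):
        return False, "timestamp outside freshness window"
    return True, "ok"

def demo():
    """Constructed sample: a fresh message, the same ciphertext re-addressed
    to another recipient, and the same ciphertext replayed an hour later."""
    sent = datetime(2015, 7, 31, 8, 27, 30, tzinfo=timezone.utc)
    msg = build_cpim("alice@example.org", "bob@example.org", sent, "hi bob")
    fresh = sent + timedelta(seconds=30)
    return (check_binding(msg, "alice@example.org", "bob@example.org", fresh),
            check_binding(msg, "alice@example.org", "carol@example.org", fresh),
            check_binding(msg, "alice@example.org", "bob@example.org", sent + timedelta(hours=1)))
```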