[Standards] Proposal: XEP for Key and Signature Publishing and Verification

Fabian Beutel fabian.beutel at gmx.de
Thu Apr 14 18:37:14 UTC 2016

Hey everyone,

there is currently some momentum towards bringing better end-to-end
encryption to XMPP, namely the OMEMO and the new OpenPGP XEPs.
However, what is still missing is a unified way of exchanging keys and,
maybe even more importantly, signatures.

I saw that in the Conversations client there already is a basic
mechanism for signing OMEMO keys with a x.509 certificate.

I took the freedom to go one step further and write down a (very) early
draft of how a XEP could look like which specifies a process of signing
keys with other keys and publishing those signatures.

This way, for example, Alice could use an existing OpenPGP key to sign a
new OMEMO key (that may reside on another device) and publish the
signature so that Bob, who may already have trust in Alice's PGP key,
doesn't have to manually verify the new key as well.

I have written down some more use cases in the XEP draft.

It would be great if some of you could give some feedback on whether you
think the ideas therein are any good or if you agree that there is
indeed need for such a specification.

Please keep in mind that this is a very early draft and any feedback is
welcome! I also really don't cling on any of the technical solutions
proposed therein, so if you think there are more elegant ways to solve
the issues addressed by this XEP, I would love to hear them.
After all, the reason I posted this XEP in such an unfinished state is
to gather some input on the topic...

A first rendered version can be found here:

The source is on github:

Specifically I would be interested in hearing some feedback on the
following points:

- Do you think it makes sense to separate metadata and data on the
pubsub node in the way it is proposed here? Or does that impose too many
round trips? I included it here, because keys and certificates can be
quite large...

- Should the XEP secify a way of publishing keys as well (as opposed to
just signatures), considering that the OMEMO and OpenPGP specs already
have ways of doing that? I thought it was the easiest solution to
include it in the XEP, so that we have a well-defined terminology when
talking about key ids etc.

Finally, please be mild when judging the XEP draft, as this is my first
attempt at formulating a XEP :)

Best regards,

More information about the Standards mailing list