[Standards] OX (OpenPGP for XMPP): A new OpenPGP XEP

Sergei Golovan sgolovan at nes.ru
Thu Jan 7 16:47:49 UTC 2016

Hi Peter,

On Thu, Jan 7, 2016 at 6:07 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
> On 1/7/16 5:09 AM, Sergei Golovan wrote:
>> Hi Florian,
>> On Wed, Jan 6, 2016 at 3:32 PM, Florian Schmaus <flo at geekplace.eu> wrote:
>>> Hello everyone,
>>> The current state of the XEP, which we gave the short name 'OX' (OpenPGP
>>> for XMPP), can be found rendered at
>>> http://geekplace.eu/xeps/xep-openpgp/xep-openpgp.html
>> Another issue arises when we look at the public keys announcement
>> via PEP and try to implement this future XEP for groupchat messages.
>> The problem is that PEP doesn't work for MUC at all. There is a
>> deferred experimental XEP-0316 (MUC eventing protocol), though it
>> isn't implemented anywhere as far as I can see.
> The new MIX proposal is essentially PEP-like:
> http://xmpp.org/extensions/inbox/mix.html
> That is, public keys would just be another node in a MIX conversation.

Okay then, let's replace the reference to XEP-0045 by one to the new XEP.

The old XEP-0027 also has the following advantage against the proposed one:
since the key info in XEP-0027 is distributed by presence updates, all parties
interested in using OpenPGP automatically have this key info. In the proposed
XEP one has to explicitly ask every roster item and every MIX room member
to get his key (or to find out that there's no key).

Also, what to do if a user have some keys published and currently is logged
in using a client which knows nothing about OpenPGP (and posiibly nothing
about pubsub at all)? His contact can still get this published key and send
an encrypted message which will never be decrypted (and likely will never
be noticed because it has no body and no recognizable message subelement).

Sergei Golovan

More information about the Standards mailing list