[Standards] Proposed XMPP Extension: OMEMO Encryption

Fabian Beutel fabian.beutel at gmx.de
Fri Oct 7 18:19:23 UTC 2016


Maybe this is a good time to bring up a question regarding full stanza
encryption [1]:

Maybe we can include a mechanism for encrypting full stanzas (including
IQs), not just Message's <body> elements? Or do you think a separate XEP
building upon the defenitions of the current one would be better suited
for that?

I'm especially thinking about jingle negotiations that can leak a lot of
meta data. Even in the case of "OMEMO Encrypted Jingle File Transfer"
full stanza encryption prevents a lot of information leakage.

Best regards,
Fabian

[1] I tried to bring up a similar discussion on OpenPGP recently, see
https://mail.jabber.org/pipermail/standards/2016-September/031440.html

On 01.10.2016 13:49, Daniel Gultsch wrote:
> FYI: There is a pending PR [1] that rewrites the OMEMO XEP to use the
> (well documented) Olm specification and also adds some minor
> improvements that came up during the audit [2].
> 
> cheers
> Daniel
> 
> [1]: https://github.com/xsf/xeps/pull/251
> [2]: https://conversations.im/omemo/audit.pdf
> 
> 2015-10-28 16:42 GMT+01:00 XMPP Extensions Editor <editor at xmpp.org>:
>> The XMPP Extensions Editor has received a proposal for a new XEP.
>>
>> Title: OMEMO Encryption
>>
>> Abstract: This specification defines a protocol for end-to-end encryption in one-on-one chats that may have multiple clients per account.
>>
>> URL: http://xmpp.org/extensions/inbox/omemo.html
>>
>> The XMPP Council will decide in the next two weeks whether to accept this proposal as an official XEP.
>>
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________
> 



More information about the Standards mailing list