[Standards] Proposed XMPP Extension: Jingle Encrypted Transports

Paul Schaub vanitasvitae at riseup.net
Wed Aug 30 20:10:58 UTC 2017


Hello everybody!

I'm very glad to see some discussion on my proposal :)

> The Council will decide in the next two weeks whether to accept this
> proposal as an official XEP.

First things first: My intention for submitting JET to the XSF inbox was
to get some comments and first feedback in order to discover caveats and
pitfalls in the protocol.
By no means I'd consider JET ready to be implemented or accepted :D

Am 30.08.2017 um 17:47 schrieb Daniel Gultsch:
> I feel like this XEP is underspecified. On one hand it tries to be
> agnostic of the actual encryption being used on the other hand it is
> not necessarily clear to me - given a an encryption method X - how
> exactly the transport secret is encrypted in method X. The OpenPGP
> examples look like the TS is put into the body??? And in OMEMO as
> well?

Correct, the transport secret is interpreted as the body for the
encryption function. I specified it that way, since OMEMO also only
encrypts <body/> elements and I thought that probably every encryption
method will offer some kind of body encryption. I know that this is not
ideal, so I'd love to find a better way :)

The fact, that for example OX offers multiple encryption modes (<crypt/>
and <signcrypt/>) gives me the feeling, that it might be desirable to
have JET only specify, how the transport is secured using the symmetric
key and have multiple sub-XEPs (is that a thing?) for OX, OMEMO etc.
Those might also have their own namespaces then.

> important things like discovery are missing.

I'm aware of that, but I think at least that will be easily fixable :)

Greetings vv

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170830/06e920e9/attachment.sig>


More information about the Standards mailing list