[Standards] XEP-0384: OMEMO Encryption - Feedbacks and proposals

forenjunkie forenjunkie at chello.at
Fri Jan 6 15:27:27 UTC 2017


I see no downside with your proposal, but the upsides are not as plenty 
as you described.

1. every client gets notified already if a update to the device list is 
made, otherwise OMEMO would not work half of the time

2. there is no code that is added *only* to prevent the race condition, 
a device has always be aware of all device ids that are published, and 
also has to have the ability to delete the whole device list. So in any 
case you need code that sees if your own device id is not in the list 
anymore, and can add itself to the devicelist again. this code is 
additionally also what prevents the race condition. I dont know if its 
easier to just overwrite the list like we do now, or delete all items of 
a node.

It still maybe a cleaner implementation, im not very knowledgeable on 

Am 06.01.2017 um 09:36 schrieb Jaussoin Timothée:
> The current usage of PEP is, for me, not optimal and overly complex. 
> Having a list of devices that needs to be synchronized on a node and 
> their related bundles on some others brings race-conditions issues 
> (actually mentioned in the Example 2.) and forces the clients to 
> implement extra checks to ensure that everything is properly 
> synchronized.
> Proposal :
> I propose to simply publish the bundles on several items in one unique 
> "urx:xmpp:omemo:0" node. Each item ID will be the device ID.
> To discover the device ID list a simple 
> http://jabber.org/protocol/disco#items query would then be sufficient 
> and will rely on existing PEP/Pubsub implementations (client and 
> server wise). Furthermore, each client could be instantly notified 
> when a device has been added or retracted from the list.
> A similar behavior has already been standardized in XEP-0277: 
> Microblogging over XMPP.
> This seems to already work with servers like Metronome and ejabberd 
> (not Prosody for now) and should not cause issues with existing OMEMO 
> implementations that are still based on Axolotl and using the 
> eu.siacs.conversations.axolotl namespace.
> Regards,
> Timothée Jaussoin aka edhelas
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170106/b2813c69/attachment.html>

More information about the Standards mailing list