[Standards] UPDATED: XEP-0434 (Trust Messages (TM))

Florian Schmaus flo at geekplace.eu
Tue Jan 12 09:15:15 UTC 2021


I am surprised to find that this XEP does not specify the format of the 
key identifier anywhere (at least I couldn't find it).

I had expected to find that the key identifier is qualified by the 
encryption scheme of the key. That is, instead of
 
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>

we have

<trust type='omemo'>
   6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4
</trust>

And then a section explaining how to derive the key identifier for the 
given 'type'.

Not having the key-identifier format clearly specified appears to be a 
security risk: Imagine someone sending a distrust message and the 
recipient does not understand the key identifier because it uses a 
slightly different way to derive it.


One further minor remark: I do not like that the semantics of 
trust/distrust and the key identifier are convoluted. I personally would 
have designed an extra element for key identifiers.

<key-identifier type='omemo'>
   <fingerprint>
     6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4
   </fingerprint>
</key-identifier>

which then gets wrapped into <trust/> or <distrust/> elements.

The separate <key-identifier/> element can be re-used in various 
places, which, I believe, makes the verification of the element more robust.

- Florian
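
The following is an added example, not part of the original message or of XEP-0434: a receiver for the typed <key-identifier/> form proposed above, next to a receiver that uses the raw element text as its lookup key, showing how a distrust message with a differently formatted identifier is silently missed. The canonical form for type 'omemo' (64 lowercase hex digits), the function names, the dict-based trust store and the omission of XML namespaces are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Fingerprint quoted in the post.
FP = "6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4"

def canonical_key_id(kind, text):
    """Assumed rule for type 'omemo' (not defined by the XEP): 32 bytes as
    64 lowercase hex digits, ignoring whitespace and ':' separators."""
    if kind != "omemo":
        # Unknown scheme: refuse instead of guessing how the id was derived.
        raise ValueError(f"unsupported key identifier type {kind!r}")
    digits = "".join(text.split()).replace(":", "").lower()
    if len(digits) != 64 or set(digits) - set("0123456789abcdef"):
        raise ValueError("fingerprint is not 32 bytes of hex")
    return kind, digits

def parse_decision(xml_text):
    """Parse one <trust/> or <distrust/> wrapping a <key-identifier/>.
    Returns (trusted, (type, canonical id)); ValueError on an unexpected shape."""
    root = ET.fromstring(xml_text)
    if root.tag not in ("trust", "distrust"):
        raise ValueError(f"unexpected element <{root.tag}>")
    kid = root.find("key-identifier")
    fp = kid.find("fingerprint") if kid is not None else None
    if fp is None or not fp.text:
        raise ValueError("missing <key-identifier>/<fingerprint>")
    return root.tag == "trust", canonical_key_id(kid.get("type"), fp.text)

def apply_decision(store, xml_text):
    """Record the decision under the typed, canonical key; return that key."""
    trusted, key = parse_decision(xml_text)
    store[key] = trusted
    return key

def naive_distrust(store, xml_text):
    """Unqualified format: the raw element text is the lookup key."""
    store[ET.fromstring(xml_text).text] = False

if __name__ == "__main__":
    # Constructed message: same key, upper-case hex and extra whitespace.
    sent = ("<distrust><key-identifier type='omemo'><fingerprint>\n  "
            + FP.upper() + "\n</fingerprint></key-identifier></distrust>")
    typed = {("omemo", FP): True}
    apply_decision(typed, sent)
    naive = {FP: True}
    naive_distrust(naive, "<distrust>" + FP.upper() + "</distrust>")
    print(typed[("omemo", FP)], naive[FP])  # False True
```

In the raw-text receiver the key stays trusted and a stray upper-case entry is added, while the typed receiver either updates the right entry or raises, so an unprocessable distrust message can be surfaced instead of dropped.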
