Re: [Telepathy] Secure communications with Telepathy
Il giorno mar, 27/11/2007 alle 15.31 +0100, Marco Barisione ha scritto: We are working on SSL in gibber and now we need a way to send/receive certificates and to send the private key to the cm. We need something *now*, so I will use the simplest solution, the certificate and the private key of the local user are passed as connection parameters, other certificates are handled by org.freedesktop.Telepathy.Connection.Interface.Security. This solution does not solve every problem (to be honest it's very far from perfect) but it's enough for now, in the future we will look for a more suitable solution. The branch of the spec is at http://techn.ocracy.org/darcs/telepathy-spec.security -- Marco Barisione http://www.barisione.org/ ___ Telepathy mailing list Telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy
Re: [Telepathy] Secure communications with Telepathy
[EMAIL PROTECTED] investigò: This solution has a number of problems: - How should I pass the private key to the cm? Is it a problem to pass it on dbus (it could be easily sniffed using dbus-monitor)? If somebody can attach to your session bus, they probably can just as well read your private keys. Usually keys are stored in password-encrypted files but we need to send the key unencrypted over dbus. If this is a problem we could use a private D-Bus connection or a local socket but the latter has some headaches attached as we've seen in tubes and file-transfers. - What to do if I don't have access to the private key (e.g. smart card readers)? - In the case of a connection to a server I need to pause the connection process until the client has verified the server's certificate, to avoid sending the password to an untrusted server. - We need a ListSupportedCertificates() method to know the supported certificate types: X.509, PGP, etc. Is it some interface not currently in the spec? There is no interface for certificates/keys in the spec, we are investigating the possible ways of adding what's missing. Any better idea? Suggestions? We really need some generic security interface on channels. I think that in order to be flexible and cover the use cases already known (e.g. SIP request authentication, end-to-end encryption), it should unify text-based authentication and certificate exchange mechanisms. We are open to suggestions! :) -- Buongiorno. Complimenti per l'ottima scelta. ___ Telepathy mailing list Telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy
Re: [Telepathy] Secure communications with Telepathy
Marco Barisione elencò: This solution has a number of problems: - How should I pass the private key to the cm? Is it a problem to pass it on dbus (it could be easily sniffed using dbus-monitor)? - What to do if I don't have access to the private key (e.g. smart card readers)? - In the case of a connection to a server I need to pause the connection process until the client has verified the server's certificate, to avoid sending the password to an untrusted server. - We need a ListSupportedCertificates() method to know the supported certificate types: X.509, PGP, etc. We also plan to add a signature field to the DNS-SD data sent via mDNS by Salut, to certify that the presence information is coming from the right user. Then, to verify it, Salut would have to send the signature and the whole signed data to the client (which is the one with the list of known user certificates). - How should we send this information to the client? - Having a GetSignatureData(user_handle) - [signature, signed_data] to be called from the client when a new user is found would be too Salut-specific? -- Buongiorno. Complimenti per l'ottima scelta. ___ Telepathy mailing list Telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy
[Telepathy] Secure communications with Telepathy
We are working on SSL in gibber and now we need a way to send/receive certificates and to send the private key to the cm. At the moment, my only idea is: - The user certificate is passed as a connection parameter to RequestConnection(). - When the connection is established with the server (of course not in salut), the cm emits CertificateReceived(handle, cert_type, cert) with handle set to 0. The client can verify the certificate and drop the connection if something is wrong. - For end-to-end encryption, the cm emits CertificateReceived() when beginning a communication with a peer with the handle of the peer as first argument. The actual verification of the certificate (maybe with user input) is left to the client. This solution has a number of problems: - How should I pass the private key to the cm? Is it a problem to pass it on dbus (it could be easily sniffed using dbus-monitor)? - What to do if I don't have access to the private key (e.g. smart card readers)? - In the case of a connection to a server I need to pause the connection process until the client has verified the server's certificate, to avoid sending the password to an untrusted server. - We need a ListSupportedCertificates() method to know the supported certificate types: X.509, PGP, etc. Any better idea? Suggestions? -- Marco Barisione http://www.barisione.org/ ___ Telepathy mailing list Telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy
Re: [Telepathy] Secure communications with Telepathy
Hi, -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ext Marco Barisione Sent: Tuesday, November 27, 2007 4:32 PM To: Telepathy Subject: [Telepathy] Secure communications with Telepathy We are working on SSL in gibber and now we need a way to send/receive certificates and to send the private key to the cm. At the moment, my only idea is: - The user certificate is passed as a connection parameter to RequestConnection(). - When the connection is established with the server (of course not in salut), the cm emits CertificateReceived(handle, cert_type, cert) with handle set to 0. The client can verify the certificate and drop the connection if something is wrong. - For end-to-end encryption, the cm emits CertificateReceived() when beginning a communication with a peer with the handle of the peer as first argument. The actual verification of the certificate (maybe with user input) is left to the client. This solution has a number of problems: - How should I pass the private key to the cm? Is it a problem to pass it on dbus (it could be easily sniffed using dbus-monitor)? If somebody can attach to your session bus, they probably can just as well read your private keys. - What to do if I don't have access to the private key (e.g. smart card readers)? - In the case of a connection to a server I need to pause the connection process until the client has verified the server's certificate, to avoid sending the password to an untrusted server. - We need a ListSupportedCertificates() method to know the supported certificate types: X.509, PGP, etc. Is it some interface not currently in the spec? Any better idea? Suggestions? We really need some generic security interface on channels. I think that in order to be flexible and cover the use cases already known (e.g. SIP request authentication, end-to-end encryption), it should unify text-based authentication and certificate exchange mechanisms. Best regards, Mikhail ___ Telepathy mailing list Telepathy@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/telepathy