On Oct 20, 2010, at 2:13 PM, Alex Milowski wrote:

> On Wed, Oct 20, 2010 at 1:11 AM, Dave Cridland <d...@cridland.net> wrote:
>> On Wed Oct 20 01:47:58 2010, Alex Milowski wrote:
>>>
>>> On Sun, Oct 17, 2010 at 5:32 AM, Kurt Zeilenga <kurt.zeile...@isode.com>
>>> wrote:
>>>
>>>> User provides hash:
>>>>
>>>> <presence
>>>>     from='ha...@shakespeare.lit/pda'
>>>>     to='darkc...@chat.shakespeare.lit/thirdwitch'>
>>>>   <x xmlns='http://jabber.org/protocol/muc'>
>>>>     <hash algorithm="sha2">hash</hash>
>>>>   </x>
>>>> </presence>
>>>>
>>>> where hash was the base64 encoded sha2 hash over the concat of
>>>> subscribers' normalized bare jid, " ", the room's normalized bare jid, " ",
>>>> and the shared password.
>>>
>>> Yes, this is something like what I'm after. I'm not really looking to
>>> have individual identities authenticate. Instead, I'm looking for a
>>> more secure way to send the shared credentials for the room.
>>>
>> At the risk of somewhat contradicting my colleague...
>>
>> That's equally (in)secure, since the hash is a plaintext equivalent. That's
>> protecting you from a different user joining, but someone able to spoof the
>> user can just blindly resend the hash. If you sign stanzas, on the other
>> hand, the hash is pointless.
>
> I think I'm not being clear in what I'm after. I just want a MUC room
> authentication mechanism that uses challenges.
What's confusing here is whether you want a per room or per subscriber shared secret. If the latter, yes, use SASL. But I don't see much desire to support per subscriber credentials (which are not necessarily tied to their JIDs). If the former, however, I would have significant reservations. SASL mechanisms such as SCRAM are commonly used to authenticate the user's identity to an application service; they are not intended to be used to establish who knows a password shared amongst many users. How would a user know which identity/password, their personal subscriber password or the room's, to use in computing the challenge responses? If this was going to be done, I'd argue that the identity they should assert is the room's jid (versus any identity string specific to the subscriber). For the former, I recommend a simple hash scheme.

-- Kurt

>
> If I were to modify the original suggestion:
>
> 1. Client joins room
>
> <presence
>     from='ha...@shakespeare.lit/pda'
>     to='darkc...@chat.shakespeare.lit/thirdwitch'>
>   <x xmlns='http://jabber.org/protocol/muc'/>
> </presence>
>
> 2. Room returns <not-authorized/> error with supported SASL mechanisms
>
> <presence
>     from='darkc...@chat.shakespeare.lit'
>     to='ha...@shakespeare.lit/pda'
>     type='error'>
>   <x xmlns='http://jabber.org/protocol/muc'/>
>   <error type='auth'>
>     <not-authorized xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
>     <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
>       <mechanism>SCRAM-SHA-1-PLUS</mechanism>
>       <mechanism>SCRAM-SHA-1</mechanism>
>       <mechanism>PLAIN</mechanism>
>     </mechanisms>
>   </error>
> </presence>
>
> 3. Client selects an authentication mechanism:
>
> <presence
>     from='ha...@shakespeare.lit/pda'
>     to='darkc...@chat.shakespeare.lit/thirdwitch'>
>   <x xmlns='http://jabber.org/protocol/muc'>
>     <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl"
>           mechanism="SCRAM-SHA-1">
>       biwsbj1qdWxpZXQscj1vTXNUQUF3QUFBQU1BQUFBTlAwVEFBQUFBQUJQVTBBQQ==
>     </auth>
>   </x>
> </presence>
>
> 4. Room returns <not-authorized/> error with challenge:
>
> <presence
>     from='darkc...@chat.shakespeare.lit'
>     to='ha...@shakespeare.lit/pda'
>     type='error'>
>   <x xmlns='http://jabber.org/protocol/muc'/>
>   <error type='auth'>
>     <not-authorized xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
>     <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">...</challenge>
>   </error>
> </presence>
>
> 5. The user joins with an appropriate response:
>
> <presence
>     from='ha...@shakespeare.lit/pda'
>     to='darkc...@chat.shakespeare.lit/thirdwitch'>
>   <x xmlns='http://jabber.org/protocol/muc'>
>     <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">...</response>
>   </x>
> </presence>
>
>
> --
> --Alex Milowski
> "The excellence of grammar as a guide is proportional to the paucity of the
> inflexions, i.e. to the degree of analysis effected by the language
> considered."
>
> Bertrand Russell in a footnote of Principles of Mathematics
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: jdev-unsubscr...@jabber.org
> _______________________________________________
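As an added illustration of the hash scheme Kurt describes and of Dave's "plaintext equivalent" objection (this is not code from the thread or from any XMPP implementation): a room-side verifier that parses the join presence, recomputes the hash from the stanza's own addressing, and compares it. The stanza, JIDs and password are constructed; SHA-256 is assumed for "sha2"; bare_jid is a simplified stand-in for real JID normalization.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

MUC_NS = "http://jabber.org/protocol/muc"

# Constructed sample in the shape of Kurt's stanza; JIDs and password are made up.
SAMPLE_PRESENCE = """<presence from='alice@example.org/pda'
          to='room@conference.example.org/alice'>
  <x xmlns='http://jabber.org/protocol/muc'>
    <hash algorithm="sha2">{hash}</hash>
  </x>
</presence>"""


def bare_jid(jid: str) -> str:
    """Drop the resource and lower-case the rest.

    Assumption: a simplified stand-in for the thread's "normalized bare jid";
    real JID normalization applies stringprep/PRECIS rules to each part.
    """
    return jid.split("/", 1)[0].lower()


def room_hash(subscriber_jid: str, room_jid: str, password: str) -> str:
    """base64(SHA-256(subscriber_bare " " room_bare " " password)), as described.

    Assumption: the thread says "sha2" without a size; SHA-256 is used here.
    """
    material = " ".join((bare_jid(subscriber_jid), bare_jid(room_jid), password))
    return base64.b64encode(hashlib.sha256(material.encode("utf-8")).digest()).decode("ascii")


def check_join(stanza_xml: str, room_password: str) -> bool:
    """Room-side check: recompute from the stanza's 'from'/'to', compare in constant time.

    A different sender fails (their bare JID changes the input), but nothing fresh
    is mixed in, so the identical stanza verifies again on every later presentation.
    That is Dave's point: the hash is a static password equivalent, not a one-time
    proof, which is what a challenge-based mechanism adds.
    """
    root = ET.fromstring(stanza_xml)
    sender, target = root.get("from"), root.get("to")
    x = root.find(f"{{{MUC_NS}}}x")
    h = x.find(f"{{{MUC_NS}}}hash") if x is not None else None
    if not sender or not target or h is None or h.get("algorithm") != "sha2":
        return False
    expected = room_hash(sender, target, room_password)
    return hmac.compare_digest(expected, (h.text or "").strip())
```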