Hi,
On Tue, Nov 19, 2013 at 12:29 PM, Thijs Alkemade <[email protected]> wrote: > > On 19 nov. 2013, at 12:58, Ralf Skyper Kaiser <[email protected]> wrote: > > > Hi > > > > > > On Tue, Nov 19, 2013 at 11:37 AM, Simon Tennant <[email protected]> > wrote: > Automatic key pinning works for SSH, because private keys are rarely > changed > and people are more tech-savy than average XMPP users. If you start doing > this > for XMPP, you'll see a lot of false positives. I doubt you can convince a > large part of the network to start using self-signed certificates valid > for a > long time. Every time a user who doesn't understand the security > implications > removes a pin, the security of the system is weakened because it makes MitM > attacks easier. The manifesto requires software to be able to inform users > when a certificate changes and I think this is the right approach to > automatic > pinning. > By 'average XMPP user' you mean 'average XMPP Server admin' I think. The user only sees a new certificate if the admin chooses to create a new key on the same domain name. The average XMPP server admin is tech-savy. I think I would go as far as saying that the average XMPP server admin is more tech-savy than the average apache admin - and apache/web-browsers are going to support pinning soon. There are enough fallbacks to help the tech-unsavy admin if he looses the key and has to create a new key: - Can use a new domain (jabber-1.mydomain.org becomes jabber-2.mydomain.org - Can ask all users to reinstall the jabber client - Can ask all users to manually remove the pinned key from the client - Can use 'reverse fingerprinting' where the user can remove an old pinned key by entering the fingerprint of the new certificate. - Backup Key (requires protocol change?) > > But right now this is just a proposal, with no working code to go with it. > With the manifesto going in affect on May 19 2014, I think making this a > required part of it would be too soon. > Can we add it as an optional goal for May 19 2014? > > [1] = https://tools.ietf.org/html/draft-ietf-websec-key-pinning-08 > [2] = https://tools.ietf.org/html/draft-perrin-tls-tack-02 > [3] = http://mail.jabber.org/pipermail/standards/2013-November/028229.html > Thanks for [3]! > > Regards, > Thijs > > _______________________________________________ > JDev mailing list > Info: http://mail.jabber.org/mailman/listinfo/jdev > Unsubscribe: [email protected] > _______________________________________________ > >
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
