Peter Saint-Andre wrote:
Peter Saint-Andre wrote:This morning I had a short chat about end-to-end encryption with a former Unix kernel hacker, who said that as an IM user he (and people he chats with) would probably be happy enough if all the c2s and s2s channels were encrypted.So I had a chat with someone about that idea today.I freely grant that not everyone trusts their server! This idea is for people who do. [1]So let's say I trust my server. And I trust you. And you trust your server. (To whatever extent "trust" has meaning for me and for you.)Given one hop from client to server and one hop from server to server, I would like to know three things:1. If I have a TLS-encrypted connection to my server. 2. If my server has a TLS-encrypted connection to your server. 3. If you have a TLS-encrypted connection to your server.Right now I can know #1 but I can't know #2 and #3. It would be nice to have a way to discover that.Presumably I can query my server about its connection to your server. My query and my server's reply happen over a TLS-encrypted channel so it can't be tampered with. If I trust my server and it has some trust relationship with your server (common root CA or whatever), then I am two-thirds of the way there.I can query you about your connection to your server but I can't trust that because it is possible that you don't have an encrypted channel to your server, so someone ("Eve") could fake "your" response and tell me that your connection to your server is encrypted when it is not.Is there a way for my server to ask your server if your connection to your server is encrypted?If so, this would enable me to feel my way along the hops. I know my hop to my server is encrypted. I ask my server about its connection to your server. My server asks your server about its connection to you. If all three come back "Check! TLS enabled!" then I at least have confidence that there is no eavesdropper along the chain.
I started working on a spec for this: http://www.xmpp.org/extensions/inbox/hopcheck.htmlStill many details to define. Also it might be nice to have a "verbose" mode (which would return information about the certificates presented or whatever).
Peter -- Peter Saint-Andre XMPP Standards Foundation http://www.xmpp.org/xsf/people/stpeter.shtml
smime.p7s
Description: S/MIME Cryptographic Signature
