On Jun 4, 2008, at 10:14 AM, Philipp Hancke wrote:
> Hi Pedro,
>
> [...]
>> 2. XMPP host xmpp.other.isp then sends an XMPP domain stream
>> activation request. It generates a random key, signs it with
>> pessoa.lit certificate and encrypts it with saramago.lit
>> certificate. Then it sends this request to xmpp.my.isp.
>
> You have a valid certificate and private keys for all of the domains
> you're hosting?

Yes, I have to if I want to host them. Same thing if you are an HTTPS
hosting company.
I don't know how you can reduce the number of certificates and keep
the same security properties of the protocol.

> The request includes the pessoa.lit certificate? If not, how does
> saramago.lit obtain the certificate to check the signature in step 3?

How does it work today? The certificate could be included in the
request or an out-of-band method could be used to obtain it. The
security is not based on how you get the other party's certificate but
on the CA that signed it, right?

In the PGP/GPG world there are key servers. In X.509, is there
anything similar? OCSP allows you to check the status of a
certificate but I don't know if it can be used to find them.

> 'random' keys are usually bad (replay attacks). The key should be - in
> part - based on a challenge by xmpp.my.isp. Which makes this quite
> similar to how dialback keys are generated... if you replace the key
> validation part (4.3/4.4 in XEP 220) with crypto instead of DNS mojo.

That is the idea, maybe I was not clear. The current challenge in a
dialback scenario is also random, right? The point is that the
initiator chooses some key/string and uses that in the process.

One of the reasons I send this here is that my knowledge of
certificates and X.509 is limited. I understand the concepts of PKI
but I don't have a lot of knowledge about X.509. So it might show a
bit in the proposal. Thanks for any corrections.

Best regards,
--
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: [EMAIL PROTECTED]
Use XMPP!
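
The replay concern raised in the thread, as an added example that is not part of the original messages: a request authenticated only over an initiator-chosen key verifies again when resent, while one bound to a single-use challenge from the receiving side does not. It assumes dialback-style HMAC key generation (the construction recommended in XEP-0185) as a stand-in for the certificate signatures proposed above; `SECRET`, `Receiver` and `demo` are hypothetical names.

```python
import hashlib
import hmac
import secrets

# Constructed secret; stands in for the pessoa.lit private key in the thread.
SECRET = b"constructed-demo-secret"

def proof(*fields: str) -> str:
    """HMAC-SHA256 over space-joined fields, keyed as in XEP-0185."""
    key = hashlib.sha256(SECRET).hexdigest().encode()
    return hmac.new(key, " ".join(fields).encode(), hashlib.sha256).hexdigest()

class Receiver:
    """Receiving side (saramago.lit). Checking with SECRET stands in for
    verifying a signature against the originating domain's certificate."""

    def __init__(self, domain: str):
        self.domain = domain
        self.pending = set()  # challenges issued and not yet consumed

    def challenge(self) -> str:
        sid = secrets.token_hex(16)
        self.pending.add(sid)
        return sid

    def accept_unbound(self, origin: str, key: str, tag: str) -> bool:
        # Initiator-chosen key only: nothing ties the request to this stream.
        return hmac.compare_digest(tag, proof(origin, key))

    def accept_bound(self, origin: str, sid: str, tag: str) -> bool:
        # The challenge must be one we issued, and it is usable exactly once.
        if sid not in self.pending:
            return False
        self.pending.discard(sid)
        return hmac.compare_digest(tag, proof(self.domain, origin, sid))

def demo() -> dict:
    rx = Receiver("saramago.lit")
    key = secrets.token_hex(16)
    captured = ("pessoa.lit", key, proof("pessoa.lit", key))
    sid = rx.challenge()
    tag = proof("saramago.lit", "pessoa.lit", sid)
    return {
        "unbound_first": rx.accept_unbound(*captured),
        "unbound_replay": rx.accept_unbound(*captured),  # same bytes, accepted again
        "bound_first": rx.accept_bound("pessoa.lit", sid, tag),
        "bound_same_sid": rx.accept_bound("pessoa.lit", sid, tag),
        "bound_new_sid": rx.accept_bound("pessoa.lit", rx.challenge(), tag),
    }
```

Including the receiving domain in the authenticated fields also keeps a proof made for one hosted domain from being accepted for another on the same host.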