On 06/04/2008 10:43 AM, Dirk Meyer wrote: > Peter Saint-Andre wrote: >> Well XTLS is not well-defined yet, but I will turn my attention to it >> soon. The approach of starttls and then IBB was mentioned by Justin >> Karneges here: >> >> http://mail.jabber.org/pipermail/security/2007-March/000018.html >> >> And that seems reasonable to me. > > My fault. I only took a quick look at xtls and assumed it uses DTLS > (which is scary like Justin wrote). Now that I see that xtls always > uses <iq> and is in fact "normal" tls wrapped in XML it looks good to > me. If you turn your attention to it, I would like to help both > writing and implementing it. I have a small python XMPP implementation > here where I can add stuff like this very easy. The IBB + new stream > stuff is already implemented and works well.
That approach is not clear to me yet, but perhaps I haven't read your document closely enough. > When thinking about IBB + new stream + starttls vs. xtls I see the > following arguments: > > xtls advantages: > > 1. xtls is faster to set up. It does not require to open an IBB, > SOCKS5 or maybe even Jingle to figure out what to use. > > extra stream advantages: > > 1. Bypass the server by using SOCKS5 What attack does that solve? Your XEP-0065 negotiation packets still go through the server. > 2. Reuse code used for link-local messaging > > 3. By using stream compression in the stream inside the IBB you can > save bandwidth > > xtls has only one advantage but it is a huge one. One question remains > for both ways: how do I verify a certificate? And does every entity > has a certificate or only every user? Maybe the user signs all its > entities? XMPP users don't have certificates right now, but they would need them for all this end-to-end encryption stuff (however they could be self-generated RSA/DSA keys, not CA-issued). > Using an existing CA you have to pay a lot of money; users > don't like that :) And setting up your own CA is not that simple, https://www.xmpp.net/ :) But we don't use that for end-user certs yet. > creating self-signed certificates on the other hand is an openssl > one-liner. Right. We've also looked into short authentication strings (SAS) for use in XTLS. But that would be farther out. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
