On Jun 5, 2013, at 7:14 PM, Peter Saint-Andre <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I've been thinking I'd like to resurrect the Hop Check proposal > (because after further reflection I think it would be useful, even if > not perfect): > > http://xmpp.org/extensions/xep-0219.html This XEP makes me cringe. :-) My main problem is that it leaps from a user's desire to know whether their communications with another user is secure with whether encryption is being used at various hops. The user is asking an end-to-end question. If they were using end-to-end security mechanisms, a reasonable answer to their question can be given. But if they are relying on hop to hop security mechanisms, it becomes very difficult to usefully answer the question. For instance, the XEP seems all about letting the user know which hops are "encrypted" but a hop which is encrypted is not necessary secure by any reasonable definition of the user. Some TLS encryption ciphers are little better than the null cipher. And even if the cipher was reasonably strong, there's the question of authentication. And then the XEP has a very simplistic view of the communication path. First, there could be a MUC service in the path. Second, there could be clustered XMPP services, application level gateways, TLS concentrators, and all kinds of other bizarre devices. While such devices are out of scope of the XMPP standards in general, they exist in real world and hamper the ability to figure out which links and/or devices are the weakest links in the path. I personally think trying to answer of a question about user-to-user security when security relies on non-E2E security mechanisms is a futile exercise. But I do think my cringe can largely be dealt with through appropriately stated security considerations. -- Kurt > > Before I post an updated version, does anyone have requests for data > they'd like to see included in the data format? > > Thanks! > > Peter > > - -- > Peter Saint-Andre > https://stpeter.im/ > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.19 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJRr/BwAAoJEOoGpJErxa2pHR0P/0jTB9b8UTCUJOnmRfPyACF9 > 7FI++aJ7a1woKFMnH5Tt0JnZ28SzFed3o9XkusUoC5PFbUiTSNcCRTHvCFeiGozE > vLY3yXwQuZiUc0fEuwWRrhfgodkSyRrP9vtSax56BWbHMFvrslcbDBPPkQazW79A > fZq9b1bF3df4aPX8L2RGNPTpeb/wCqjacznNEfQ093ZsBrVvZ3xTwxJQKLMdOG9s > ElckIiTKqdSvepHzq9f0wmngsPEbkxALM6m/WvDFZeLhm+UCkwvvPLv5EngCLIj1 > K9SAfpbgHirO007s5iyPgwJiAqcZecJ8alC8u435h3wc85Zs4S0Z9ZYBLus+jrnr > RKeSSDSYXLcz+jomk13BIw77a+izFysj9kPljPEgEBH8lqzflGrFKl/r6/kbtnVn > P9MeaOspoXLgz+NHXw0qhvjjtvpN+T8x1pJdyL9dTsrPmMDjaBfQVX784R9PcY6r > 980BGm6nRf89raPHLzKaj4/uGyMOub0wyFGW2sQHdBHpr4ln4MQGyiv+qNa0w1Aq > pUB610h41uf/3M7ifXlxv1HhNZxf2+Gj3n3E/RnP+4toK1h4PPWNJvpBuI3f7UBa > nEETd19/UBxlNVA7WelNzaWVA/K6WoQDiiH1hfZmKALfQu+yystGaM0gY8Ulw3dt > C/igyQGvxz28GvQxUb3y > =wbXd > -----END PGP SIGNATURE-----
