XEP-0374 states that »The child elements of the OpenPGP content element's <payload/> can be seen as stanza extension elements which are encrypted and signed. After the <openpgp/> element and the including <signcrypt/>, element was verified, they SHOULD be processed similar as if they had been direct extension elements of the stanza.«
My interpretation is that this means that both (!) the regular stanza elements as well as the encrypted stanza elements will be processed. How do we make sure that they are not in conflict with each other, and/or the 'outer' stanza elements can be used to manipulate the inner stanzas.

A quick example off the top of my head: What if an attacker sneaks in a <replaced id="some-previous-id"/> in the 'outer'/unencrypted stanza? Or what if the outer as well as the inner stanza contain an origin-id? Which one counts? Do the inner elements always overwrite the outer? Should I not process any of the outer elements at all? What about a stanza-id in the outer part? What about SIMS and other message references in the outer stanza?

I think one can find a lot of XEPs which, included in the outer stanza, will have some influence on the inner stanza that may or may not be desirable in a XEP that's about security.

My proposition would be to ignore all outer elements with some very few whitelisted exceptions (like stanza-id).

But maybe I'm just misinterpreting the XEP?

cheers
Daniel
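
One way a receiving client could apply the allow-list proposed in the message above, as an added example that is not part of the original post or of any XMPP library. The function name, the sample stanzas and the one-entry allow-list are assumptions; decryption and signature verification are assumed to have happened already.

```python
import xml.etree.ElementTree as ET

OPENPGP = "{urn:xmpp:openpgp:0}openpgp"
# Assumption: only the exception named in the post (stanza-id) is allowed.
OUTER_ALLOWED = {"{urn:xmpp:sid:0}stanza-id"}

def effective_extensions(outer_stanza_xml, verified_payload_xml):
    """Return (kept, ignored) extension elements for one message.

    verified_payload_xml is the <payload/> of a <signcrypt/> element that the
    caller has already decrypted and signature-checked; no crypto happens here.
    """
    outer = ET.fromstring(outer_stanza_xml)
    payload = ET.fromstring(verified_payload_xml)
    kept = list(payload)           # authenticated inner elements always count
    ignored = []
    for child in outer:
        if child.tag == OPENPGP:
            continue               # the encrypted container itself
        if child.tag in OUTER_ALLOWED:
            kept.append(child)     # allow-listed outer element
        else:
            ignored.append(child)  # unauthenticated: never merged with inner
    return kept, ignored

# Constructed sample: the outer stanza carries a correction element, a second
# origin-id and a fallback body next to the encrypted content.
OUTER = """<message xmlns='jabber:client' from='a@example.org' to='b@example.org'>
  <openpgp xmlns='urn:xmpp:openpgp:0'>(ciphertext omitted)</openpgp>
  <replace xmlns='urn:xmpp:message-correct:0' id='some-previous-id'/>
  <origin-id xmlns='urn:xmpp:sid:0' id='outer-origin'/>
  <stanza-id xmlns='urn:xmpp:sid:0' id='srv-1' by='example.org'/>
  <body>fallback text</body>
</message>"""
PAYLOAD = """<payload xmlns='urn:xmpp:openpgp:0'>
  <body xmlns='jabber:client'>hello</body>
  <origin-id xmlns='urn:xmpp:sid:0' id='inner-origin'/>
</payload>"""

if __name__ == "__main__":
    kept, ignored = effective_extensions(OUTER, PAYLOAD)
    print("process:", [(e.tag, e.get("id")) for e in kept])
    print("ignore: ", [(e.tag, e.get("id")) for e in ignored])
```

With this policy the outer correction element and the outer origin-id never reach the handlers that act on the decrypted message, so the question of which origin-id counts does not arise.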
