Hi list! Let me give some feedback to the Trust Messages ProtoXEP.
I'm not sure how well this specification performs against replay attacks. If some encryption mechanism which prevents re-decryption of old messages like OMEMO is used to encrypt the messages, than replay attacks are probably not an issue, but I can imagine an attacker replaying an OX encrypted message, reactivating some old devices. I know this is a rather exotic attack vector, but I feel like the specification should at least acknowledge it in some way. As a counter measure I could imagine forcing the use of a SCE <timestamp/> element for example. Personally I'm not a huge fan of web-of-trust-like structures, so I dislike that example 5 shows Alice telling Carol to trust Bob. However, there may be a use case for this, so maybe it is a good thing to at least have the option to construct WOT structures, even though I wouldn't do that personally. While I'd still prefer using a master key that signs device keys for simplified trust management, I can see some valid edge scenarios where using Trust Messages would be preferable. What I don't really like is the need to send individual messages to all contacts. I'd prefer some PEP like solution to this, but I know that this is not really possible, as the messages have to be encrypted per-contact. Style: There are some very long, confusing sentences in the specification, eg. "In combination with the usage of Message Archive Management (XEP-0313) <https://xmpp.org/extensions/xep-0313.html> [5 <https://xmpp.org/extensions/inbox/trust-messages.html#nt-idm45137930897408>], the delivery of trust messages to temporarily offline endpoints is ensured even if they are available under a different resource after going online than the last known one before going offline." Shortening those would increase readability. In summary, there are some things left open which I'd like to see specified and readability can be improved. Other than that I'm fine with this :) Happy Hacking! On 18.02.20 16:55, Jonas Schäfer (XSF Editor) wrote: > The XMPP Extensions Editor has received a proposal for a new XEP. > > Title: Trust Messages > Abstract: > This document specifies a way to communicate the trust in public long- > term keys used by end-to-end encryption protocols from one endpoint to > another. > > URL: https://xmpp.org/extensions/inbox/trust-messages.html > > The Council will decide in the next two weeks whether to accept this > proposal as an official XEP. > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: [email protected] > _______________________________________________
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
