Re: [xmpp] New(ish) draft: Secure Messaging in XMPP

Florian Schmaus <flo@geekplace.eu> Mon, 26 October 2015 17:14 UTC

Return-Path: <fschmaus@gmail.com>
X-Original-To: xmpp@ietfa.amsl.com
Delivered-To: xmpp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B78781B4FD9 for <xmpp@ietfa.amsl.com>; Mon, 26 Oct 2015 10:14:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZLHn_sHVcVAt for <xmpp@ietfa.amsl.com>; Mon, 26 Oct 2015 10:14:14 -0700 (PDT)
Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com [209.85.212.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8275E1B4FD7 for <xmpp@ietf.org>; Mon, 26 Oct 2015 10:14:13 -0700 (PDT)
Received: by wicll6 with SMTP id ll6so124226055wic.0 for <xmpp@ietf.org>; Mon, 26 Oct 2015 10:14:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type; bh=FP5mzWQ7oB9dl0kSnd3Q5muDhhYcNde/BIofUJo7u08=; b=ieOSwJP/hLSqfc91yygKVdAQ8HPDMmNoYvcqeAd2TZPEEJwJxiu2nVHby21QtInOKS P/ZpCsC0Cy6J+aao5tBlKs6wUPuZtEN9VlUomkCF06ORt6J6xeSX/yGeXaO28zuuSDJJ mmIpiI+Ni60id1ua0zoiBRCS0QJ1FoEItC9azxeReBzmkUW9xQ4jBvFX3JZXnyiM//LK 4dOPus/Wk++BZo5YCKSKK6lxm/MUR+7rlPVkvp10FvkhOgpHtBJVgfoavtyoSsQsmcIu VSZOIv2521azy/biR/6ITfrFv7bOk7TKHHbwv/tnRjzfd5YCa0XEgnnsItbBqZvEi+sF lYZg==
X-Received: by 10.195.11.33 with SMTP id ef1mr14503129wjd.34.1445879651974; Mon, 26 Oct 2015 10:14:11 -0700 (PDT)
Received: from [131.188.34.87] (flowbook.informatik.uni-erlangen.de. [131.188.34.87]) by smtp.googlemail.com with ESMTPSA id fx19sm14616916wic.2.2015.10.26.10.14.11 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 26 Oct 2015 10:14:11 -0700 (PDT)
To: Adam Roach <adam@nostrum.com>, xmpp@ietf.org
References: <562AA40E.40407@nostrum.com>
From: Florian Schmaus <flo@geekplace.eu>
X-Enigmail-Draft-Status: N1110
Message-ID: <562E5F53.9060104@geekplace.eu>
Date: Mon, 26 Oct 2015 18:13:55 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <562AA40E.40407@nostrum.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="KXm9qiKvloHqjMU4L0LS8SOOaxepD7Rag"
Archived-At: <http://mailarchive.ietf.org/arch/msg/xmpp/7YA7LCkinP-jyR7l1_y46J-MBgw>
Cc: Martin Thomson <martin.thomson@gmail.com>
Subject: Re: [xmpp] New(ish) draft: Secure Messaging in XMPP
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/xmpp/>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Oct 2015 17:14:15 -0000

On 23.10.2015 23:18, Adam Roach wrote:
> XMPP folks:
> 
> Martin and I put together a proposal for an approach that allows for
> end-to-end encrypted XMPP conversations, including in the presence of
> MUC. Although not a completely implementable spec, this should give a
> good idea about the direction we have in mind:
> 
> https://tools.ietf.org/html/draft-thomson-xmpp-secure-00
> 
> Anyone interested in this work should give it a read and provide
> feedback.

What Thijs and Philipp said so far.

What's the motivation behind using Presence to announce the Keys? PEP
appears to be a much better choice.

I also think that it should be possible, although very inefficiently in
terms of bandwidth, to design an XEP which uses OMEMO for MUC
encryption. Which makes me wonder what your selling points compared to
OMEMO are?

- Florian