IETF Logo Mail Archive

Re: [xmpp] 3920bis: truth in advertising

Peter Saint-Andre <stpeter@stpeter.im> Mon, 18 October 2010 22:02 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: xmpp@core3.amsl.com
Delivered-To: xmpp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B0C903A69AD for <xmpp@core3.amsl.com>; Mon, 18 Oct 2010 15:02:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.563
X-Spam-Level:
X-Spam-Status: No, score=-102.563 tagged_above=-999 required=5 tests=[AWL=0.036, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GRkZhbQxYUpm for <xmpp@core3.amsl.com>; Mon, 18 Oct 2010 15:02:46 -0700 (PDT)
Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 9B4923A6B8F for <xmpp@ietf.org>; Mon, 18 Oct 2010 15:02:46 -0700 (PDT)
Received: from squire.local (dsl-179-124.dynamic-dsl.frii.net [216.17.179.124]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id B176D40074; Mon, 18 Oct 2010 16:11:31 -0600 (MDT)
Message-ID: <4CBCC45E.7080001@stpeter.im>
Date: Mon, 18 Oct 2010 16:04:14 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.9) Gecko/20100915 Thunderbird/3.1.4
MIME-Version: 1.0
To: "Richard L. Barnes" <rbarnes@bbn.com>
References: <4CBCB948.6030402@stpeter.im> <52ED8365-D0C1-4C2D-BCDC-83F454A40828@bbn.com>
In-Reply-To: <52ED8365-D0C1-4C2D-BCDC-83F454A40828@bbn.com>
X-Enigmail-Version: 1.1.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms060301010603040906070308"
Cc: XMPP <xmpp@ietf.org>
Subject: Re: [xmpp] 3920bis: truth in advertising
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xmpp>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Oct 2010 22:02:47 -0000

Potential solutions? There are so many! In roughly chronological order
they are:

1. XEP-0027

2. RFC 3923

3. Off-The-Record Messaging (not XMPP-specific)

4. XEP-0116

5. xmlenc / xmldsig (supposedly in use but never documented)

6. draft-meyer-xmpp-e2e-encryption

7. draft-miller-3923bis

8. XEP-0285

I realize that the great thing about standards is that there are so many
to choose from, but this is getting ridiculous. I'd prefer not to point
out this embarrassment of failures. :)

On 10/18/10 3:44 PM, Richard L. Barnes wrote:
> As someone who is scheduled to do a SECDIR review on this document, that
> makes sense to me. It clearly documents what you do and don't get from
> the TLS protections in XMPP (in the 3920bis sense).  The one thing you
> might add is pointer(s) to some of the potential solutions, e.g., RFC
> 3923 or maybe XEP-0285.
> 
> --Richard
> 
> 
> On Oct 18, 2010, at 5:16 PM, Peter Saint-Andre wrote:
> 
>> Something has been nagging at me. In 3920bis we talk about how TLS helps
>> to ensure confidentiality and integrity at the stream level, but we
>> don't mention that per-stream encryption does not ensure end-to-end
>> protection of stanzas. I think it would be appropriate to call out that
>> fact so we don't lead people astray (and I would expect the reviewer
>> from the security directorate to do so anyway, so we might as well be
>> proactive). Here is proposed text for a new security note that I suggest
>> we add to Section 13.4 ("Confidentiality and Integrity"):
>>
>>      Security Note: The use of TLS in XMPP applies to a single stream.
>>      Because XMPP is typically deployed using a distributed client-
>>      server architecture (as explained under Section 2.5), a stanza
>>      might traverse multiple streams, and not all of those streams
>>      might be TLS-protected.  For example, a stanza sent from a client
>>      with a session at one server (e.g., <romeo@example.net/orchard>)
>>      and intended for delivery to a client with a session at another
>>      server (e.g., <juliet@example.com/balcony>) will traverse three
>>      streams: the stream from the sender's client to its server, the
>>      stream from the sender's server to the recipient's server, and the
>>      stream from the recipient's server to the recipient's client.
>>      Furthermore, the stanza will be processed as cleartext within the
>>      sender's server and the recipient's server.  Therefore, even if
>>      the stream from the sender's client to its server is protected,
>>      the confidentiality and integrity of a stanza sent over that
>>      protected stream cannot be guaranteed when the stanza is processed
>>      by the sender's server, sent from the sender's server to the
>>      recipient's server, processed by the recipient's server, or sent
>>      from the recipient's server to the recipient's client.  Only a
>>      robust technology for end-to-end encryption could ensure the
>>      confidentiality and integrity of a stanza as it traverses all of
>>      the "hops" along a communication path.  Unfortunately, the XMPP
>>      community has so far failed to produce an end-to-end encryption
>>      technology that might be suitable for widespread implementation
>>      and deployment, and definition of such a technology is out of
>>      scope for this document.
>>
>> /psa
>>

v2.23.0 | Report a Bug | By Email