Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-00.txt
Kurt Zeilenga <Kurt.Zeilenga@Isode.com> Tue, 02 March 2010 20:26 UTC
Return-Path: <Kurt.Zeilenga@Isode.com>
X-Original-To: xmpp@core3.amsl.com
Delivered-To: xmpp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BF8463A8C74 for <xmpp@core3.amsl.com>; Tue, 2 Mar 2010 12:26:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 40tk4E9t29bq for <xmpp@core3.amsl.com>; Tue, 2 Mar 2010 12:26:13 -0800 (PST)
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by core3.amsl.com (Postfix) with ESMTP id 8930728C17B for <xmpp@ietf.org>; Tue, 2 Mar 2010 12:26:13 -0800 (PST)
Received: from [192.168.1.101] ((unknown) [75.141.233.128]) by rufus.isode.com (submission channel) via TCP with ESMTPSA id <S410XwAu7gPw@rufus.isode.com>; Tue, 2 Mar 2010 20:26:13 +0000
X-SMTP-Protocol-Errors: NORDNS
From: Kurt Zeilenga <Kurt.Zeilenga@Isode.com>
In-Reply-To: <A0374BDF-4B5E-4131-973B-2738E480E19B@cisco.com>
Date: Tue, 02 Mar 2010 12:26:05 -0800
Message-Id: <D3FA5A58-BBC3-41FF-AA60-A71D06428B12@Isode.com>
References: <4B8C5955.10004@stpeter.im> <8687B872-295A-4976-B2E4-64CF5F2ECBBC@Isode.com> <A0374BDF-4B5E-4131-973B-2738E480E19B@cisco.com>
To: Matthew Miller <mamille2@cisco.com>
X-Mailer: Apple Mail (2.1077)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Cc: XMPP <xmpp@ietf.org>
Subject: Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-00.txt
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xmpp>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Mar 2010 20:26:14 -0000
On Mar 2, 2010, at 6:57 AM, Matthew Miller wrote: > On Mar 1, 2010, at 20:26, Kurt Zeilenga wrote: > >> Peter, Matthew: >> >> Why are there copies of the time stamp and thread id sent in the clear? >> >> I would think that having in-the-clear copies would raise some security concerns. >> > > What's not normatively stated is that the visible <thread/> is (SHOULD, MUST?) be different than the encrypted version. Clients use <thread/>s to note the conversation flow. That said, and now that I've stepped back from it for a while, I see the concern. I would assume that the receiving client should rely only on the signed and encrypted data and hence would assume that all other information is for the benefit of other entities. If the outside thread-id serves no other entity, it might be extraneous. > We didn't see the timestamp as something to be concerned with, however. I had two concerns. One simply carrying useless copies. That is, the receiving client would rely only on the inside timestamp. As above, the outside timestamp might be extraneous. But I wonder if having a copy of the timestamp on the outside might aide in mounting some sort of known/chosen plain text attack. I'll leave that to the crypto experts to analyze. -- Kurt > >> >> Regards, Kurt >> >> On Mar 1, 2010, at 4:18 PM, Peter Saint-Andre wrote: >> >>> FYI. This document sketches out an alternate approach to meeting our >>> end-to-end encryption requirements, if only to initiate more discussion >>> about the topic... >>> >>> /psa >>> >>> -------- Original Message -------- >>> Subject: I-D Action:draft-miller-3923bis-00.txt >>> Date: Mon, 1 Mar 2010 16:15:01 -0800 (PST) >>> From: Internet-Drafts@ietf.org >>> Reply-To: internet-drafts@ietf.org >>> To: i-d-announce@ietf.org >>> >>> A New Internet-Draft is available from the on-line Internet-Drafts >>> directories. >>> >>> Title : End-to-End Object Encryption for the Extensible >>> Messaging and Presence Protocol (XMPP) >>> Author(s) : M. Miller, P. Saint-Andre >>> Filename : draft-miller-3923bis-00.txt >>> Pages : 10 >>> Date : 2010-03-01 >>> >>> This document defines a method of end-to-end object encryption for >>> the Extensible Messaging and Presence Protocol (XMPP). The protocol >>> defined herein is a simplified version of the protocol defined in RFC >>> 3923. >>> >>> A URL for this Internet-Draft is: >>> http://www.ietf.org/internet-drafts/draft-miller-3923bis-00.txt >>> >>> >>> _______________________________________________ >>> xmpp mailing list >>> xmpp@ietf.org >>> https://www.ietf.org/mailman/listinfo/xmpp >> >> _______________________________________________ >> xmpp mailing list >> xmpp@ietf.org >> https://www.ietf.org/mailman/listinfo/xmpp > > _______________________________________________ > xmpp mailing list > xmpp@ietf.org > https://www.ietf.org/mailman/listinfo/xmpp
- [xmpp] Fwd: I-D Action:draft-miller-3923bis-00.txt Peter Saint-Andre
- Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-0… Sean Turner
- Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-0… Peter Saint-Andre
- Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-0… Kurt Zeilenga
- Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-0… Matthew Miller
- Re: [xmpp] Fwd: I-D Action:draft-miller-3923bis-0… Kurt Zeilenga