[Telepathy] XMPP: OpenPGP SASL mechanism

Peter Saint-Andre stpeter at stpeter.im
Wed Apr 17 08:28:21 PDT 2013


On 4/17/13 9:18 AM, Daniele Ricci wrote:
> On Wed, Apr 17, 2013 at 5:08 PM, Simon McVittie
> <simon.mcvittie at collabora.co.uk> wrote:
>> I suggest talking to an appropriate standardization group (we are not
>> one of those; the XMPP mailing lists might be) to make this into a
>> usable and secure specification.
> This will be my next step.
>
>> Isn't this rather exploitable? If a malicious server sends
>>
>> <challenge>I, Daniele Ricci, promise to pay Simon McVittie $1
>> million</challenge>
>>
>> then you probably don't want to be signing that with your PGP key :-)
>>
>> (Or if the user is a Debian/Ubuntu developer with upload privileges, it
>> could present a Debian .changes file authorizing the upload of a
>> malicious package, for instance.)
>>
> Other than checking the server challenge for a specific syntax, is
> there any other way to make this secure? How do I prove that the client
> has the private key it claims to have?
>
I second Simon's advice to discuss this in an appropriate standards
organization, such as the XSF [0].

I'll go further and recommend that you implement RFC 6091 [1] and then
use the SASL EXTERNAL mechanism. You will need support on the server
side as well, of course. I suggest that Prosody [2] would be a great
place to start, since it is the most hacker-friendly XMPP server project
these days.

Peter

[0] http://xmpp.org/
[1] https://datatracker.ietf.org/doc/rfc6091/
[2] http://prosody.im/
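
Added example, not part of the original message or of any XMPP specification: Simon's objection is that a client signing raw server-supplied bytes can be made to sign anything. The sketch below shows the syntax-check approach Daniele asks about, with the client building the signed bytes itself; the nonce format, the context label and all function names are assumptions made for illustration.

```python
import re

# Assumed wire format for illustration: the <challenge/> body is exactly
# 32 lowercase hex digits. Nothing in the thread or in XMPP defines this.
NONCE_RE = re.compile(rb"\A[0-9a-f]{32}\Z")
CONTEXT = b"example-openpgp-sasl-v1"  # hypothetical domain-separation label


class ChallengeRejected(ValueError):
    """The server challenge is not a bare nonce; the client must not sign."""


def build_signing_input(challenge: bytes, server_name: str, client_jid: str,
                        client_nonce: bytes) -> bytes:
    """Return the bytes to hand to the OpenPGP signer, or raise.

    The server contributes only a validated nonce. The client adds a fixed
    context label, both identities and its own nonce, so the signed bytes
    can never be free text (or a .changes file) chosen by the server.
    """
    if not NONCE_RE.match(challenge):
        raise ChallengeRejected("challenge is not a 32-hex-digit nonce")
    if len(client_nonce) != 16:
        raise ValueError("client nonce must be 16 random bytes")
    fields = [CONTEXT, server_name.encode(), client_jid.encode(),
              challenge, client_nonce]
    # Length-prefix every field so one field cannot bleed into the next.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def is_signable(challenge: bytes) -> bool:
    """True only if the challenge passes the strict nonce syntax check."""
    return NONCE_RE.match(challenge) is not None


if __name__ == "__main__":
    import secrets
    # Constructed sample inputs; the first is the challenge quoted in the thread.
    samples = [
        b"I, Daniele Ricci, promise to pay Simon McVittie $1\nmillion",
        secrets.token_hex(16).encode(),
    ]
    for s in samples:
        print(is_signable(s), s[:40])
    ok = build_signing_input(samples[1], "example.org", "user@example.org",
                             secrets.token_bytes(16))
    print(ok.hex())
```

A verifier would have to rebuild the same framing from its own copy of the nonces and identities before checking the signature. The RFC 6091 with SASL EXTERNAL route recommended above moves proof of key possession into the TLS handshake, so no application-level challenge is signed at all.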


