RFC: deprecating crypto usage in secret-service

Daiki Ueno ueno at gnu.org
Sun Aug 23 17:46:19 UTC 2020


Hello,

Currently, the secret-service protocol suggests two mechanisms
("algorithms" in the specification) to transfer secrets: "plain" and
"dh-ietf1024-sha256-aes128-cbc-pkcs7".

The former sends secret data in plaintext, while the latter transmits
the data in an encrypted form, using a mechanism similar to to TLS.
Although this works well so far and the algorithm choice is ok-ish, the
custom encryption protocol requires low-level crypto primitives and the
used crypto algorithm, the 1024-bit 'Second Oakley Group', is being
deprecated[1].

At the D-Bus level, there is more secure mechanism to transfer sensitive
data without imposing crypto: file descriptor passing.  I suggest
replacing the existing mechanism with it at least on the platforms where
file descriptor passing is available.

I have submitted a draft MR:
https://gitlab.freedesktop.org/xdg/xdg-specs/-/merge_requests/33

Is there any concerns / suggestions on this?

Regards,

Footnotes:
[1]  https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2



More information about the xdg mailing list