RFC: deprecating crypto usage in secret-service
Daiki Ueno
ueno at gnu.org
Sun Aug 23 17:46:19 UTC 2020
Hello,
Currently, the secret-service protocol suggests two mechanisms
("algorithms" in the specification) to transfer secrets: "plain" and
"dh-ietf1024-sha256-aes128-cbc-pkcs7".
The former sends secret data in plaintext, while the latter transmits
the data in an encrypted form, using a mechanism similar to to TLS.
Although this works well so far and the algorithm choice is ok-ish, the
custom encryption protocol requires low-level crypto primitives and the
used crypto algorithm, the 1024-bit 'Second Oakley Group', is being
deprecated[1].
At the D-Bus level, there is more secure mechanism to transfer sensitive
data without imposing crypto: file descriptor passing. I suggest
replacing the existing mechanism with it at least on the platforms where
file descriptor passing is available.
I have submitted a draft MR:
https://gitlab.freedesktop.org/xdg/xdg-specs/-/merge_requests/33
Is there any concerns / suggestions on this?
Regards,
Footnotes:
[1] https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
More information about the xdg
mailing list