Re: [Standards] resurrecting Hop Check (XEP-0219)

[Matthew Wild]

On 6 June 2013 21:12, Kurt Zeilenga  wrote:
> I personally think trying to answer of a question about user-to-user security 
> when security relies on non-E2E security mechanisms is a futile exercise.   
> But I do think my cringe can largely be dealt with through appropriately 
> stated security considerations.

Absolutely, and I think we all agree on that. That's why the XEP
failed the last time around. However the mechanism it provides is
still useful, as long as we don't pretend it's trying to solve
anything security-wise.

Regards,
Matthew

Re: [Standards] resurrecting Hop Check (XEP-0219)

[Kurt Zeilenga]

On Jun 5, 2013, at 7:14 PM, Peter Saint-Andre  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> I've been thinking I'd like to resurrect the Hop Check proposal
> (because after further reflection I think it would be useful, even if
> not perfect):
> 
> http://xmpp.org/extensions/xep-0219.html

This XEP makes me cringe.  :-)

My main problem is that it leaps from a user's desire to know whether their 
communications with another user is secure with whether encryption is being 
used at various hops.   The user is asking an end-to-end question.   If they 
were using end-to-end security mechanisms,  a reasonable answer to their 
question can be given.  But if they are relying on hop to hop security 
mechanisms, it becomes very difficult to usefully answer the question.

For instance, the XEP seems all about letting the user know which hops are 
"encrypted" but a hop which is encrypted is not necessary secure by any 
reasonable definition of the user.  Some TLS encryption ciphers are little 
better than the null cipher.   And even if the cipher was reasonably strong, 
there's the question of authentication.

And then the XEP has a very simplistic view of the communication path.   First, 
there could be a MUC service in the path.  Second, there could be clustered 
XMPP services, application level gateways, TLS concentrators, and all kinds of 
other bizarre devices.   While such devices are out of scope of the XMPP 
standards in general, they exist in real world and hamper the ability to figure 
out which links and/or devices are the weakest links in the path.

I personally think trying to answer of a question about user-to-user security 
when security relies on non-E2E security mechanisms is a futile exercise.   But 
I do think my cringe can largely be dealt with through appropriately stated 
security considerations.

-- Kurt

> 
> Before I post an updated version, does anyone have requests for data
> they'd like to see included in the data format?
> 
> Thanks!
> 
> Peter
> 
> - -- 
> Peter Saint-Andre
> https://stpeter.im/
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> 
> iQIcBAEBAgAGBQJRr/BwAAoJEOoGpJErxa2pHR0P/0jTB9b8UTCUJOnmRfPyACF9
> 7FI++aJ7a1woKFMnH5Tt0JnZ28SzFed3o9XkusUoC5PFbUiTSNcCRTHvCFeiGozE
> vLY3yXwQuZiUc0fEuwWRrhfgodkSyRrP9vtSax56BWbHMFvrslcbDBPPkQazW79A
> fZq9b1bF3df4aPX8L2RGNPTpeb/wCqjacznNEfQ093ZsBrVvZ3xTwxJQKLMdOG9s
> ElckIiTKqdSvepHzq9f0wmngsPEbkxALM6m/WvDFZeLhm+UCkwvvPLv5EngCLIj1
> K9SAfpbgHirO007s5iyPgwJiAqcZecJ8alC8u435h3wc85Zs4S0Z9ZYBLus+jrnr
> RKeSSDSYXLcz+jomk13BIw77a+izFysj9kPljPEgEBH8lqzflGrFKl/r6/kbtnVn
> P9MeaOspoXLgz+NHXw0qhvjjtvpN+T8x1pJdyL9dTsrPmMDjaBfQVX784R9PcY6r
> 980BGm6nRf89raPHLzKaj4/uGyMOub0wyFGW2sQHdBHpr4ln4MQGyiv+qNa0w1Aq
> pUB610h41uf/3M7ifXlxv1HhNZxf2+Gj3n3E/RnP+4toK1h4PPWNJvpBuI3f7UBa
> nEETd19/UBxlNVA7WelNzaWVA/K6WoQDiiH1hfZmKALfQu+yystGaM0gY8Ulw3dt
> C/igyQGvxz28GvQxUb3y
> =wbXd
> -END PGP SIGNATURE-

[Standards] XEP tagging idea..

[Steffen Larsen]

Hi Guys,

Today I had an idea about our XEPs  
(http://xmpp.org/xmpp-protocols/xmpp-extensions/)
Have anyone ever thought about making search easier in our extensions?

I was wondering why we do not have any searchable tags on the different XEPs. I 
would be easier to find what you are looking for. 
So for example http://xmpp.org/extensions/xep-0166.html could have tags like:

jingle, video, conference, peer-to-peer, signalling etc.

I mean most of us can mostly find what we are looking for there, but beginners 
that are searching for stuff, might find it hard to find what they are looking 
for?

-Just an idea and my 50 cent! :-)

--
Venlig hilsen / Best regards

Steffen Larsen, Founder & CEO
Mobile: +45 51 94 33 33
BrainTrust / http://www.braintrust.dk

[Standards] XEP-0327: Rayo

[Ben Langfeld]

It's been one month since 327 (http://xmpp.org/extensions/xep-0327.html)
was published, and some further work on the spec has been done. Progress
since then can be seen as a diff here:
https://github.com/rayo/xmpp/compare/730f5f85e755cfa2d040c7455fa6b01e0c747c3e...rayo

We still have a collection of outstanding issues on our issue tracker:
https://github.com/rayo/xmpp/issues, and I am sure there are issues with
the spec that we have overlooked, or things that would be more satisfactory
to the XSF.

I would love to hear feedback that anyone could share either here or as
issues on our tracker, along with any suggestions for improvement. This is
the first XEP that I've written and it's a big one...

Regards,
Ben Langfeld

Re: [Standards] resurrecting Hop Check (XEP-0219)

[Matthew Wild]

On 6 June 2013 10:21, Simon Tennant  wrote:
> End to end encryption is a worth goal. This is very cool for getting
> information on the s2s connection.

Perhaps on first sight. However this kind of usage is exactly why the
XEP died last time around. It isn't suitable for anything except
purely informational/debugging purposes. This is because the link can
change - it might be encrypted when you check it, and then reconnect
unencrypted without you knowing. Also, malicious entities can always
lie.

Regards,
Matthew

Re: [Standards] resurrecting Hop Check (XEP-0219)

[Simon Tennant]

End to end encryption is a worth goal. This is very cool for getting
information on the s2s connection.

XEP-0219 makes a lot of assumptions about the network topology always
involving the traditional c2s design.

How might this XEP report meaningful information back to the user in the
following situations:
- cleartext BOSH inside SSL terminated HTTP session?
- cleartext on loopback to new c2s services like XMPP-FTW or the
buddycloud-api?
- websockets?

S.



On 6 June 2013 09:56, Dave Cridland  wrote:

> On Thu, Jun 6, 2013 at 6:11 AM, Philipp Hancke 
> wrote:
>
>> I've been thinking I'd like to resurrect the Hop Check proposal
>>> (because after further reflection I think it would be useful, even if
>>> not perfect):
>>>
>>
>> for debugging/support? +1
>>
>>
> I've not checked back to see whether I liked this or not before, so I
> don't know whether now deciding it'd be a good thing would be an
> embarrassing U-Turn or not...
>
> But FWIW, when this was proposed, I think it was suggested as a "is my
> end-to-end path secure?" - to which the answer is "not if you had to ask" -
> rather than as a debugging protocol.
>
>
>> [...]
>>
>>  Before I post an updated version, does anyone have requests for data
>>> they'd like to see included in the data format?
>>>
>>
>> A bidi flag (for s2s) and the raw certificate data for both dialback and
>> external auth. Probably also whether an SRV record was resolved or the A
>> fallback is used.
>>
>> And keep in mind that most s2s connections still aren't bidi, see the
>> list archives from 2007 for some discussion ;-)
>>
>
> 1) I'd suggest for most things we just stuff features into the thing if
> they've been used, maybe?
>
> So for XEP-0138, we'd see something like:
>
> 
>   
> 
>
> This'd hold for SASL auth, too:
>
> 
>   
> 
>   
> 
>
> 2) I know that having the certificate chain would also be useful, as well
> as any reasoning for trusting it - or not trusting it, perhaps even more
> important. There are many times I'd have dearly loved to have been able to
> tell why a certificate wasn't trusted by the peer in ways that didn't
> involve trying to parse other people's logs, so the reasoning here is more
> useful that the certificate chain to me.
>
> 3) I'd also point out that while it'd be very useful to know how your
> victim authenticates, having this as a mandatory feature seems like a
> security issue. ("Oh, he authenticates using PLAIN without TLS, does he?
> Oh, goody!")
>
> 4) Some links - S2S, for instance - have have different characteristics on
> the return path than the forward path - XEP-0219 never addressed this. I've
> a feeling this one came up at the time.
>
> 5) Currently, this protocol is framed such that each hop is mandated to
> ask the next. It might be useful for this to be reframed as an end-to-end
> protocol, so that Juliet asks her server, then Juliet asks Romeo's server,
> then (possibly) Juliet asks Romeo.
>
> So, erm, basically that's close to a complete rewrite, I think. :-)
>
> Dave.
>



-- 
Simon Tennant | buddycloud.com | +49 17 8545 0880 | office hours:
goo.gl/tQgxP

Re: [Standards] resurrecting Hop Check (XEP-0219)

[Dave Cridland]

On Thu, Jun 6, 2013 at 6:11 AM, Philipp Hancke wrote:

> I've been thinking I'd like to resurrect the Hop Check proposal
>> (because after further reflection I think it would be useful, even if
>> not perfect):
>>
>
> for debugging/support? +1
>
>
I've not checked back to see whether I liked this or not before, so I don't
know whether now deciding it'd be a good thing would be an embarrassing
U-Turn or not...

But FWIW, when this was proposed, I think it was suggested as a "is my
end-to-end path secure?" - to which the answer is "not if you had to ask" -
rather than as a debugging protocol.


> [...]
>
>  Before I post an updated version, does anyone have requests for data
>> they'd like to see included in the data format?
>>
>
> A bidi flag (for s2s) and the raw certificate data for both dialback and
> external auth. Probably also whether an SRV record was resolved or the A
> fallback is used.
>
> And keep in mind that most s2s connections still aren't bidi, see the list
> archives from 2007 for some discussion ;-)
>

1) I'd suggest for most things we just stuff features into the thing if
they've been used, maybe?

So for XEP-0138, we'd see something like:


  


This'd hold for SASL auth, too:


  

  


2) I know that having the certificate chain would also be useful, as well
as any reasoning for trusting it - or not trusting it, perhaps even more
important. There are many times I'd have dearly loved to have been able to
tell why a certificate wasn't trusted by the peer in ways that didn't
involve trying to parse other people's logs, so the reasoning here is more
useful that the certificate chain to me.

3) I'd also point out that while it'd be very useful to know how your
victim authenticates, having this as a mandatory feature seems like a
security issue. ("Oh, he authenticates using PLAIN without TLS, does he?
Oh, goody!")

4) Some links - S2S, for instance - have have different characteristics on
the return path than the forward path - XEP-0219 never addressed this. I've
a feeling this one came up at the time.

5) Currently, this protocol is framed such that each hop is mandated to ask
the next. It might be useful for this to be reframed as an end-to-end
protocol, so that Juliet asks her server, then Juliet asks Romeo's server,
then (possibly) Juliet asks Romeo.

So, erm, basically that's close to a complete rewrite, I think. :-)

Dave.