Justin Karneges wrote: > On Tuesday 19 August 2008 14:50:42 Dirk Meyer wrote: >> The question we had (and that is the reason I started the discussion) is: >> how to verify the TLS certificates. > > A related topic I want to talk about is private key maintenance. I don't > think average users will be able to maintain private keys. Users will easily > lose their keys, forget to transfer them when buying new computers, create > multiple keys (by accident, or not) if they regularly use XMPP from multiple > computers, etc. Losing or leaving around private keys, and being unaware > that you even have them, seems very dangerous to me. > > One idea that I've kicked around, which can't possibly be new and I haven't > evaluated the security risks of, is optionally storing a password-protected > private key on the XMPP server.
I had the same idea while catching up this thread and I like it. > It may sound like a terrible idea for those of us capable of private > key maintenance, but for the average person who might otherwise > leave a trail of private keys on random computers it may be > preferable... It should be optional. You can put your key on an USB stick or upload to the XMPP encrypted. That sounds like a very good idea to me. Adding very strong encryption here the user only has to remember the password. If he/she can not do that you are our of luck. But if that happens it is not that bad, you "only" have to re-key with all your friends again (and tell them that you are lazy and lost your key). > Extra points if there'd be a way to authenticate to your XMPP > account and retrieve your private key with a single password, > without the XMPP server being able to decrypt the private key. The XMPP password and the key password should be something completly different. Dirk -- As long as there are ill-defined goals, bizarre bugs, and unrealistic schedules, there will be Real Programmers willing to jump in and Solve The Problem, saving the documentation for later.
