> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Remko Tronçon
> Sent: Wednesday, August 20, 2008 11:25 AM
> To: XMPP Security
> Subject: Re: [Security] TLS Certificates Verification
>
> > The XMPP password and the key password should be something completely
> > different.
>
> Yet, in practice, everyone who doesn't know much about security will
> use the same password, and you're back to square one. You can try to
> ask all clients to consistently refuse keys with the same passphrase
> as the account (and vice versa, refuse account password changes that
> are the same as the key), yet I doubt if that will work.

I think that comes down to allowing the user to decrease their security if they 
want. The key would be stored locally in a PFK that is protected using a 
passphrase. The only chance a hacker would have of impersonating the client is 
if they perform a physical attack (or break in virtually). This means that, 
yes, the user would be allowed to use the same passphrase but there would be 
flashing yellow knobs and bouncing red exclamation points indicating that they 
really shouldn't.

Oh btw, the client refusing the passphrase shouldn't even be possible if the 
client is coded properly (as it MUST NOT be able to get at the original account 
password because it should be hashed or something), but we won't pay attention 
to that :P.

>
> cheers,
> Remko
