Hey, I very much like the idea of having the option to encrypt complete stanzas! I think this could be implemented transparently and would allow all kind of jingle session meta data to be secret.
I wrote about this on this list on two occasions already: https://mail.jabber.org/pipermail/standards/2016-October/031475.html https://mail.jabber.org/pipermail/standards/2016-September/031440.html Basically, I would love to see a specification which describes how to transparently encrypt arbitrary stanzas (or parts of stanzas). This should be kept in a separate XEP from encrypted Jingle-Filetransfer, however, the latter could then refer to the stanza-encryption-XEP for not leaking meta data etc. Best regards, Fabian On 04.06.2017 15:31, Remko Tronçon wrote: > Hi Vanitasvitae! > > I wonder if it would make sense to use something like xmlenc to have a > 'generic' way to encrypt (parts of) stanzas. This way, you can decouple > the encryption key info etc. from the things you want to encrypt, and > you can choose to encrypt entire elements, or just parts of elements. > > For example, if you want to encrypt the entire <file> metadata: > > <iq> > <encrypted xmlns='urn:xmpp:omemo:0'> > <header sid='27183'> > <key rid='31415'>BASE64ENCODED...</key> > <key rid='12321'>BASE64ENCODED...</key> > ... > </header> > </encrypted> > <jingle xmlns='urn:xmpp:jingle:1' > action='session-initiate' > initiator='romeo@montague.example/dr4hcr0st3lup4c' > sid='851ba2'> > <content creator='initiator' name='a-file-offer' senders='initiator'> > <description xmlns='urn:xmpp:jingle:apps:encrypted:file-transfer:0'> > <!-- Encrypt entire file Element (#Element) --> > <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"; > Type="http://www.w3.org/2001/04/xmlenc#Element";> > <EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <KeyName>omemo</KeyName> > </KeyInfo> > <CipherData> > > <CipherValue>/7VSyS4tbcfsq7JYhZRgQE8bNkiyUJKi68FdmdoA2PIRjGumbfI35X2om/4mbfHteCAEBATpsr/l/HvQf7GERGtvmuupNFh7reGeSWl8wajwwYyfQi9BM6MfjZKi8D9Q94FhWz2p0LMVEjduI9svzKOf/uLI3JolK39nH70ezvyYebybpasDxC51SypmVU1p</CipherValue> > </CipherData> > </EncryptedData> > </description> > </content> > </jingle> > </iq> > > Or, if you just want to encrypt only parts of the <file> (e.g. not the hash) > > <iq> > <encrypted xmlns='urn:xmpp:omemo:0'> > <header sid='27183'> > <key rid='31415'>BASE64ENCODED...</key> > <key rid='12321'>BASE64ENCODED...</key> > ... > </header> > </encrypted> > <jingle xmlns='urn:xmpp:jingle:1' > action='session-initiate' > initiator='romeo@montague.example/dr4hcr0st3lup4c' > sid='851ba2'> > <content creator='initiator' name='a-file-offer' senders='initiator'> > <description xmlns='urn:xmpp:jingle:apps:encrypted:file-transfer:0'> > <file> > <hash xmlns='urn:xmpp:hashes:2' > algo='sha-1'>w0mcJylzCn+AfvuGdqkty2+KP48=</hash> > > <!-- Encrypt only part of file content (#Content) --> > <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"; > Type="http://www.w3.org/2001/04/xmlenc#Content";> > <EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <KeyName>omemo</KeyName> > </KeyInfo> > <CipherData> > > <CipherValue>/7VSyS4tbcfsq7JYhZRgQE8bNkiyUJKi68FdmdoA2PIRjGumbfI35X2om/4mbfHteCAEBATpsr/l/HvQf7GERGtvmuupNFh7reGeSWl8wajwwYyfQi9BM6MfjZKi8D9Q94FhWz2p0LMVEjduI9svzKOf/uLI3JolK39nH70ezvyYebybpasDxC51SypmVU1p</CipherValue> > </CipherData> > </EncryptedData> > </file> > </description> > </content> > </jingle> > </iq> > > KeyInfo could be used to distinguish where the key material is coming > from for encryption (e.g. OMEMO element at the top of the IQ). > > I'm not saying xmlenc is very elegant, and it's very broad, but it has > the advantage that you may get an implementation for free in your > language? It might need some restricting of possible algorithms/keys/... > for clients that need to implement this themselves if they don't have > xmlenc available. > > Remko > > > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: standards-unsubscr...@xmpp.org > _______________________________________________ > _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
