[JDEV] Security

David Waite mass at ufl.edu
Fri Apr 7 15:28:06 CDT 2000 

First off (security-wise) there are three things, two of which already
exist:
- digest auth can be used to authenticate to the server - this makes it so
that the password is not sent to the server in plaintext, so that someone
snooping the connection will not be able to see the users password then log
in as them
- SSL connection to the server makes all client -> server traffic encrypted.
This does not protect the message traffic from snooping outside of the
server, and does not protect the user from the server administrator reading
the data (i.e. even if all clients connect visa SSL and do not communicate
inter-server, there still is a small amount of trust in the server admin to
not read all the data.) It should be noted that SSL is rather expensive as
far as system resources- an ICQ-type service would not be able to use this -
it would be for a limited number of users, perhaps the machine sitting on a
company firewall could use this so people could communicate to people
securely from home.
- packet encryption and authentication, done client-side. This is still in
the works. The problem stems from lack of a trusted authority, let along a
central authority (i.e. the servers are not trusted nodes and are thus
resistant to being in a PKI). The basic idea is that the clients are
responsible for their own security - either attaching a signed hash,
encrypting the message, or sending plaintext. This is in the proposal stages
right now, I believe.

Second off, the current model for ICQ,Yahoo,etc. security is rather simple -
these clients have none. All of these clients are designed around the
'public chat' environment - if people can read the messages, too bad. ICQ
even sent the password in plaintext for a while! No guarantees of security
are made in any way, and no server-based security is possible since they are
shooting for sheer volumes of users, to build up their user-base, for either
advertising revenue, client sales, or just for the inherent value of a
user-base (the Mirabilis business model).

One of the interesting things about jabber is that is more
service-oriented - to the point that you could actually make revenue by just
having a jabber server up with say ICQ transport, but accepting a monthly
fee of $5 gives you aol-t, yahoo-t, some data storage space, SSL connection,
etc. For a service oriented model you are more concerned with features than
with user base (no problem with user base, but the features are what attract
new users). So with this model, encryption could play a much stronger role.

That aside, we will eventually have to interface with the IMPP protocol
(which will surely include some sort of semi-strong cryptography) and
business software like MS Exchange which are slowly getting Instant
Messaging - type features. At this point we will have to decide if all
security is handled on the server side in the transport (i.e. it would keep
your keys and do the work, and then use jabber security to talk to your
client) or extending these features straight to the client.

-David Waite

P.S. Why do you always mark your emails as 'urgent' or high priority? Many
people consider this to be bad etiquette, especially on mailing lists.

-----Original Message-----
From: jdev-admin at jabber.org [mailto:jdev-admin at jabber.org]On Behalf Of
chandan sonaye
Sent: Friday, April 07, 2000 9:47 AM
To: jdev at jabber.org
Subject: [JDEV] Security
Importance: High


Hi all,
          I am working in an Internet based project. In this project, we
are building Instant Messaging client using Jabber
         server. We are having multiple instant messaging clients for
jabber server.These jabber clients are exchanging
         messages with each other.
         But currently there is no security feature included in our
jabber client. The messages are exchanged without
         considering any security feature.
         But since it is a Internet based project, we need to have
security feature involved in IM client.
         Does Jabber provide any security feature for this so that
messages sent from one jabber client to another jabber client
         will be secured? If yes, how we can include it? otherwise is
there any alternative you can suggest for including
         security?

         Secondly,
         Through jabber server, we can connect to other Instant
Messaging Systems ( like yahoo, ICQ ) using transports.
         These other IM services are having their own security features.
How jabber handles their security features  as it
         doesn't know about  them?


         Thanking,

         chandan.



_______________________________________________
jdev mailing list
jdev at jabber.org
http://mailman.jabber.org/listinfo/jdev

More information about the JDev mailing list