[jdev] Re: JEP-0027 (OpenPGP) implementation question

Peter Saint-Andre stpeter at jabber.org
Tue Mar 7 11:13:36 CST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looking at JEP-0116 again, I see that public keys are used to verify the
identity of the parties, but that the stanzas themselves are signed and
encrypted with session keys. So identity is asserted and preserved in
the initial negotiation, but not attached to each stanza. Or so it seems
(I need to read JEP-0116 again in depth).

Peter

Matthew A. Miller wrote:
> Note that the following assumes that one favors security with identity,
> not anonymity (-:
> 
> From the perspective of the average user (like my father, siblings, and
> most of my coworkers and customers), obtaining a PGP key is just about
> as complex as obtaining an x.509 certificate (CA- or self-signed).  This
> means that user-friendly consumer-oriented software is going to end up
> generating the PGP key/x.509 certificate for the user.  And if one
> needed stronger trust, then you'd require keys or certificates that are
> signed by a trusted authority anyway.
> 
> I don't see why one couldn't also apply this type of trust to
> self-signed (or even signed) x.509 certificates.  As long as the
> certificate is valid, you can treat it as trusted if you're so
> disposed.  At this point, it's no different than trusting unsigned PGP
> keys.  Many of us already effectively do this every day via our browser.
> It may not be considered the proper manner of working with certificates,
> but if I as a user decide I know better than the certificate chain, then
> that option should be open to me.
> 
> I'd like any standard that is developed to try and also accommodate
> organizations larger than mom and pop (or Aunt Tillie, or whatever the
> user-du-jour is now), and this is most likely going to mean the
> capability of supporting x.509 certificates.
> 
> But then, my opinions on how Jabber is going to take over the IM world
> are probably colored by my current employment (-:
> 
> 
> 
> Trejkaz wrote:
>> Peter Saint-Andre wrote:
>>> Now, neither OpenPGP nor S/MIME enables you to repudiate what you said,
>>> and if people find that important then they would need to do
>>> JEP-0116 (or something very much like it, such as Gaim's OTR plugin).
>>> So in part the differences here come down to requirements and
>>> philosophy.
>>
>> Requirements are exactly it.  The two camps will never agree on which
>> style of cryptography to use, because:
>>
>> In the pro-OTR camp, everyone thinks that cryptography should be used in
>> order to obfuscate what you said and remove traces that it was you who
>> said it.  So OTR will appeal in use cases where you want some kind of
>> pseudo-anonymity.
>>
>> (OTOH, Normal Person + Internet + Anonymity = Total Jackhole)
>>
>> Then you have the pro-OpenPGP camp, where people think that cryptography
>> should be used in order to be able to prove who said something,
>> _especially_ at a later point in time.  This is useful particularly in
>> business, when someone wants to archive conversations for later
>> auditing.
>>
>> Also in this camp you have all the people who were already using
>> OpenPGP for some other reason, and therefore want to reuse their keys
>> which they spent hours getting signed by dozens of people.
>>
>>> But one thing that seems attractive about JEP-0116 is that it doesn't
>>> require end users to create OpenPGP keys or obtain X.509
>>> certificates, both of which are hard for end users.
>>
>> X.509 certificates are certainly too hard to obtain for most users,
>> mainly because they're worth practically nothing without the signature
>> from the CA (CAcert is of course available for no cost, but it still
>> takes time: time users can't be bothered to spend.)
>>
>> With OpenPGP, creating the keys is easy, if not trivial.  Getting them
>> signed (and hence trusted) takes the time.
>>
>> I guess you can blame a lot of that on the lack of a "simple" GUI for
>> signing keys (by "simple", I refer not to KDE or GNOME simplicity, but
>> MacOS simplicity.)
>>
>> I often wonder if an instant messaging client might one day provide
>> that simple interface...
>>
>>    User: [initiates chat to a contact who has signed their presence]
>>    IM Client: "Are you absolutely sure this person is the one you wish
>>                to talk to? [Yes/No/Ask me again later]"
>>    User: Yes
>>    IM Client: [signs the key with a relatively low, but good-enough
>>                trust value.]
>>
>> Add a nice indicator next to your contacts who have untrusted keys,
>> and you have yourself an OpenPGP GUI which is almost as useful as the
>> more advanced alternatives.  It's not with "The Spirit" of OpenPGP
>> where you go and meet people in person, but it's certainly more
>> realistic for the ordinary user.
>>
>> TX
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEDb9ANF1RSzyt3NURAn/sAKCH0ZVz+/4I2sxPh5ZX3u2YjtcpqwCgsMJx
H1G9Zn43MvtwNDj0gL7Ymac=
=Og8A
-----END PGP SIGNATURE-----