<title>Bootstrapping Implementation of Encrypted Sessions</title>
<abstract>This document provides guidelines to client and library developers for bootstrapping implementation of the encrypted sessions technology.</abstract>
<remark><p>Initial published version.</p></remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2007-05-29</date>
<initials>psa/ip</initials>
<remark><p>First draft.</p></remark>
</revision>
</header>
<section1topic='Introduction'anchor='intro'>
<p>The &XSF; has defined a technology for end-to-end encryption of XMPP communications, called "Encrypted Sessions" (ESessions). This document describes ways for client and library developers to approach the task of implementing ESessions.</p>
<p>In essence, implementation of ESessions proceeds in two directions:</p>
<ol>
<li>From the client/interface level down.</li>
<li>From the library/API level up.</li>
</ol>
<p>If client developers implement the "frontend" specifications, they should be able to integrate the "backend" code developed by library developers, enabling the two sets of developers to "meet in the middle" and offer complete implementations.</p>
</section1>
<section1topic='Approach'anchor='approach'>
<p>When working from the client/interface level down to the library/API level, it makes sense to implement the relevant specifications in the following order:</p>
<ol>
<li>
<p>&xep0201;</p>
<p>This document describes what a "stanza session" is, i.e., it is defined by the life of a message thread. Clients that implement this specification are well on their way to implementing encrypted sessions, since it is necessary to have a clear session "object" in a client before implementing an encrypted version of such a session.</p>
</li>
<li>
<p>&xep0155;</p>
<p>Because this document describes how to negotiate a stanza session, it is a building block for developing how to negotiate an encrypted stanza session.</p>
</li>
<li>
<p>&xep0200;</p>
<p>By hardcoding the initial parameters during an early phase of development, implementors can use this specification as a starting point for testing of encrypted sessions. A later phase would address rekeying (Section 9) and negotiation of the initial parameters (see below).</p>
</li>
<li>
<p>&xep0217;</p>
<p>This specification (to be published concurrently) defines a simple subset of the process for negotiating the initial parameters used in an encrypted session.</p>
</li>
<li>
<p>&xep0116;</p>
<p>This specification defines the "heavy lifting" involved in going from a cleartext state to an encrypted state, i.e., it specifies how to the initial parameters for an encrypted session.</p>
</li>
<li>
<p>&xep0188;</p>
<p>Strictly speaking, a developer does not implement this specification, since it describes the theory behind the process of upgrading from cleartext to encryption that is defined in <cite>XEP-0116</cite>. However it is useful background knowledge for developers who implement <cite>XEP-0116</cite>.</p>
</li>
</ol>
<p>Naturally, when developing from the library/API level up to the client/interface level, the order should be (roughly) reversed.</p>
</section1>
<section1topic='Optional Add-Ons'anchor='addons'>
<p>Once a library or client has implemented the specifications listed above, it may choose to implement the following additional specifications, which supplemented the core encrypted sessions specifications.</p>
<ol>
<li>
<p>&xep0189;</p>
<p>This specification defines a precondition for implementation of the specifications that follow.</p>
</li>
<li>
<p>&xep0187;</p>
<p>We should be able to encrypt so-called "offline messages" (see &xep0160;) using the same basic principles used to encrypted messages sent while online.</p>
</li>
<li>
<p>&xep0136;</p>
<p>This specification enables secure archiving of the messages sent and received in an encrypted session.</p>