mirror of https://github.com/moparisthebest/xeps synced 2024-11-26 19:22:15 -05:00

XEP-0434: Release version 0.3.0

Clarify usage, use real namespace for examples and add missing section:

* Clarify usage of trust messages by protocols such as Automatic Trust Management (ATM)
* Use namespace 'urn:xmpp:atm:0' of Automatic Trust Management (ATM) as example for 'usage' attribute.
* Add section 'Security Considerations'
Melvin Keskin 2020-12-19 12:16:43 +01:00
parent 0d45eb27b4
commit 11dcbd19f1
No known key found for this signature in database
GPG Key ID: 04EFAD0F7A4D9724

@ -2,7 +2,7 @@
<!DOCTYPE xep SYSTEM 'xep.dtd' [ <!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'> <!ENTITY % ents SYSTEM 'xep.ent'>
<!ENTITY ns "urn:xmpp:trust-messages:0"> <!ENTITY ns "urn:xmpp:trust-messages:0">
<!ENTITY ns-example-usage "urn:xmpp:example-usage:0"> <!ENTITY ns-atm "urn:xmpp:atm:0">
<!ENTITY ns-omemo "urn:xmpp:omemo:1"> <!ENTITY ns-omemo "urn:xmpp:omemo:1">
<!ENTITY ns-sce "urn:xmpp:sce:0"> <!ENTITY ns-sce "urn:xmpp:sce:0">
%ents; %ents;
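Review bot: Dropping the `ns-example-usage` entity on the changed `<!ENTITY ...>` line leaves any `&ns-example-usage;` reference that is not updated undefined, and an undefined entity makes the XEP source fail to parse. The later hunks switch two `usage` attributes to `&ns-atm;`; please search the whole file to confirm that no other reference to the old entity remains.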
@ -36,6 +36,19 @@
<email>melvo@olomono.de</email> <email>melvo@olomono.de</email>
<jid>melvo@olomono.de</jid> <jid>melvo@olomono.de</jid>
</author> </author>
<revision>
<version>0.3.0</version>
<date>2020-12-19</date>
<initials>melvo</initials>
<remark>
<p>Clarify usage, use real namespace for examples and add missing section:</p>
<ul>
<li>Clarify usage of trust messages by protocols such as &xep0450;</li>
<li>Use namespace 'urn:xmpp:atm:0' of &xep0450; as example for 'usage' attribute.</li>
<li>Add section 'Security Considerations'</li>
</ul>
</remark>
</revision>
<revision> <revision>
<version>0.2.0</version> <version>0.2.0</version>
<date>2020-11-05</date> <date>2020-11-05</date>
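Review bot: In the new 0.3.0 `<remark>`, the second `<li>` ends with a period while the first and third do not. Drop that period, or terminate all three items, so the revision list is punctuated consistently.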
@ -124,6 +137,7 @@
<section1 topic='Why Trust Messages?' anchor='why-trust-messages'> <section1 topic='Why Trust Messages?' anchor='why-trust-messages'>
<p> <p>
Trust messages can be used in conjunction with an end-to-end encryption protocol such as &xep0373; or &xep0384; to automatically or semi-automatically establish secure channels protected against active attacks. Trust messages can be used in conjunction with an end-to-end encryption protocol such as &xep0373; or &xep0384; to automatically or semi-automatically establish secure channels protected against active attacks.
This protocol specifies how trust messages are transmitted and protocols such as &xep0450; specify how and for which purpose they are processed.
</p> </p>
<section2 topic='General Advantages' anchor='why-trust-messages-general-advantages'> <section2 topic='General Advantages' anchor='why-trust-messages-general-advantages'>
<p> <p>
@ -244,8 +258,8 @@
<p> <p>
In the following example, two &xep0384; keys of Alice are indicated as trusted, one key of Bob is indicated as trusted and two other ones of Bob are indicated as untrusted. In the following example, two &xep0384; keys of Alice are indicated as trusted, one key of Bob is indicated as trusted and two other ones of Bob are indicated as untrusted.
</p> </p>
<example caption='Trust Message Element for Alice&apos;s and Bob&apos;s OMEMO Keys'><![CDATA[ <example caption='Trust Message Element for Alice&apos;s and Bob&apos;s OMEMO Keys used by ATM'><![CDATA[
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-example-usage;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['> <trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-atm;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
<key-owner jid='alice@example.org'> <key-owner jid='alice@example.org'>
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust> <trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust> <trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
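Review bot: The new caption "Trust Message Element for Alice's and Bob's OMEMO Keys used by ATM" reads as if the OMEMO keys are what ATM uses, while the change to the `usage` attribute shows that it is the trust message that belongs to ATM. Consider "Trust Message Element Used by ATM for Alice's and Bob's OMEMO Keys", which also keeps the caption's title case consistent.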
@ -310,7 +324,7 @@
<from jid='alice@example.org/notebook'/> <from jid='alice@example.org/notebook'/>
<to jid='carol@example.com'/> <to jid='carol@example.com'/>
<payload> <payload>
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-example-usage;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['> <trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-atm;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
<key-owner jid='alice@example.org'> <key-owner jid='alice@example.org'>
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust> <trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust> <trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
@ -353,6 +367,12 @@
Keep in mind that a trust message SHOULD only be encrypted for endpoints with authenticated keys. Keep in mind that a trust message SHOULD only be encrypted for endpoints with authenticated keys.
</p> </p>
</section1> </section1>
<section1 topic='Security Considerations' anchor='security-considerations'>
<p>
Protocols using trust messages SHOULD specify rules for processing them in order to create or sustain a secure communication.
Therefore, those protocols SHOULD state in which cases from which senders trust messages are used for making trust decisions and for which keys they are sent to whom.
</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana-considerations'> <section1 topic='IANA Considerations' anchor='iana-considerations'>
<p>This document requires no interaction with the Internet Assigned Numbers Authority (IANA).</p> <p>This document requires no interaction with the Internet Assigned Numbers Authority (IANA).</p>
</section1> </section1>