mirror of https://github.com/moparisthebest/xeps (synced 2024-11-26 19:22:15 -05:00)
XEP-0434: Release version 0.3.0
Clarify usage, use real namespace for examples and add missing section:
* Clarify usage of trust messages by protocols such as Automatic Trust Management (ATM)
* Use namespace 'urn:xmpp:atm:0' of Automatic Trust Management (ATM) as example for 'usage' attribute.
* Add section 'Security Considerations'
parent 0d45eb27b4
commit 11dcbd19f1
28
xep-0434.xml
@ -2,7 +2,7 @@
|
|||||||
<!DOCTYPE xep SYSTEM 'xep.dtd' [
|
<!DOCTYPE xep SYSTEM 'xep.dtd' [
|
||||||
<!ENTITY % ents SYSTEM 'xep.ent'>
|
<!ENTITY % ents SYSTEM 'xep.ent'>
|
||||||
<!ENTITY ns "urn:xmpp:trust-messages:0">
|
<!ENTITY ns "urn:xmpp:trust-messages:0">
|
||||||
<!ENTITY ns-example-usage "urn:xmpp:example-usage:0">
|
<!ENTITY ns-atm "urn:xmpp:atm:0">
|
||||||
<!ENTITY ns-omemo "urn:xmpp:omemo:1">
|
<!ENTITY ns-omemo "urn:xmpp:omemo:1">
|
||||||
<!ENTITY ns-sce "urn:xmpp:sce:0">
|
<!ENTITY ns-sce "urn:xmpp:sce:0">
|
||||||
%ents;
|
%ents;
|
||||||
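Review bot: the entity declaration changed here drops the name ns-example-usage entirely, so any reference to &ns-example-usage; left elsewhere in xep-0434.xml becomes an undeclared entity and an XML parsing error. The two references visible in this commit are switched to &ns-atm;, but please search the whole file for the old name before merging.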
@ -36,6 +36,19 @@
|
|||||||
<email>melvo@olomono.de</email>
|
<email>melvo@olomono.de</email>
|
||||||
<jid>melvo@olomono.de</jid>
|
<jid>melvo@olomono.de</jid>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.3.0</version>
|
||||||
|
<date>2020-12-19</date>
|
||||||
|
<initials>melvo</initials>
|
||||||
|
<remark>
|
||||||
|
<p>Clarify usage, use real namespace for examples and add missing section:</p>
|
||||||
|
<ul>
|
||||||
|
<li>Clarify usage of trust messages by protocols such as &xep0450;</li>
|
||||||
|
<li>Use namespace 'urn:xmpp:atm:0' of &xep0450; as example for 'usage' attribute.</li>
|
||||||
|
<li>Add section 'Security Considerations'</li>
|
||||||
|
</ul>
|
||||||
|
</remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.2.0</version>
|
<version>0.2.0</version>
|
||||||
<date>2020-11-05</date>
|
<date>2020-11-05</date>
|
||||||
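Review bot: the three <li> entries in the 0.3.0 remark are punctuated inconsistently; the second ends with a period while the first and third do not, so pick one style. The first entry also only repeats the lead sentence ("Clarify usage") without naming the section that changed; mentioning 'Why Trust Messages?' would make the revision history easier to audit.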
@ -124,6 +137,7 @@
|
|||||||
<section1 topic='Why Trust Messages?' anchor='why-trust-messages'>
|
<section1 topic='Why Trust Messages?' anchor='why-trust-messages'>
|
||||||
<p>
|
<p>
|
||||||
Trust messages can be used in conjunction with an end-to-end encryption protocol such as &xep0373; or &xep0384; to automatically or semi-automatically establish secure channels protected against active attacks.
|
Trust messages can be used in conjunction with an end-to-end encryption protocol such as &xep0373; or &xep0384; to automatically or semi-automatically establish secure channels protected against active attacks.
|
||||||
|
This protocol specifies how trust messages are transmitted and protocols such as &xep0450; specify how and for which purpose they are processed.
|
||||||
</p>
|
</p>
|
||||||
<section2 topic='General Advantages' anchor='why-trust-messages-general-advantages'>
|
<section2 topic='General Advantages' anchor='why-trust-messages-general-advantages'>
|
||||||
<p>
|
<p>
|
||||||
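Review bot: the sentence added to the opening paragraph of 'Why Trust Messages?' moves all processing rules to protocols such as &xep0450; but does not say what a client should do with a trust message whose 'usage' value it does not implement. Consider stating that such a message is not used for trust decisions. Grammar: a comma is needed before "and protocols such as", since two independent clauses are joined.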
@ -244,8 +258,8 @@
|
|||||||
<p>
|
<p>
|
||||||
In the following example, two &xep0384; keys of Alice are indicated as trusted, one key of Bob is indicated as trusted and two other ones of Bob are indicated as untrusted.
|
In the following example, two &xep0384; keys of Alice are indicated as trusted, one key of Bob is indicated as trusted and two other ones of Bob are indicated as untrusted.
|
||||||
</p>
|
</p>
|
||||||
<example caption='Trust Message Element for Alice's and Bob's OMEMO Keys'><![CDATA[
|
<example caption='Trust Message Element for Alice's and Bob's OMEMO Keys used by ATM'><![CDATA[
|
||||||
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-example-usage;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
|
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-atm;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
|
||||||
<key-owner jid='alice@example.org'>
|
<key-owner jid='alice@example.org'>
|
||||||
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
|
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
|
||||||
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
|
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
|
||||||
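Review bot: the caption now says "used by ATM" and the usage attribute carries &ns-atm;, but the unchanged introductory sentence above the example still describes only which keys are trusted or untrusted and never mentions the 'usage' attribute or ATM. Add a clause there saying that the example uses the namespace of &xep0450; as its usage value, and expand "ATM" on first use in the caption. Also confirm that the apostrophes in "Alice's and Bob's" are escaped in the source, since the caption attribute is delimited by single quotes.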
@ -310,7 +324,7 @@
|
|||||||
<from jid='alice@example.org/notebook'/>
|
<from jid='alice@example.org/notebook'/>
|
||||||
<to jid='carol@example.com'/>
|
<to jid='carol@example.com'/>
|
||||||
<payload>
|
<payload>
|
||||||
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-example-usage;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
|
<trust-message xmlns=']]>&ns;<![CDATA[' usage=']]>&ns-atm;<![CDATA[' encryption=']]>&ns-omemo;<![CDATA['>
|
||||||
<key-owner jid='alice@example.org'>
|
<key-owner jid='alice@example.org'>
|
||||||
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
|
<trust>6850019d7ed0feb6d3823072498ceb4f616c6025586f8f666dc6b9c81ef7e0a4</trust>
|
||||||
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
|
<trust>221a4f8e228b72182b006e5ca527d3bddccf8d9e6feaf4ce96e1c451e8648020</trust>
|
||||||
@ -353,6 +367,12 @@
|
|||||||
Keep in mind that a trust message SHOULD only be encrypted for endpoints with authenticated keys.
|
Keep in mind that a trust message SHOULD only be encrypted for endpoints with authenticated keys.
|
||||||
</p>
|
</p>
|
||||||
</section1>
|
</section1>
|
||||||
|
<section1 topic='Security Considerations' anchor='security-considerations'>
|
||||||
|
<p>
|
||||||
|
Protocols using trust messages SHOULD specify rules for processing them in order to create or sustain a secure communication.
|
||||||
|
Therefore, those protocols SHOULD state in which cases from which senders trust messages are used for making trust decisions and for which keys they are sent to whom.
|
||||||
|
</p>
|
||||||
|
</section1>
|
||||||
<section1 topic='IANA Considerations' anchor='iana-considerations'>
|
<section1 topic='IANA Considerations' anchor='iana-considerations'>
|
||||||
<p>This document requires no interaction with the Internet Assigned Numbers Authority (IANA).</p>
|
<p>This document requires no interaction with the Internet Assigned Numbers Authority (IANA).</p>
|
||||||
</section1>
|
</section1>
|
||||||
|
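Review bot: the second sentence of the new 'Security Considerations' section packs three separate requirements into one clause ("in which cases from which senders ... and for which keys they are sent to whom") and is hard to parse. Split it into a short list: which senders' trust messages are accepted, under which conditions they lead to a trust decision, and for which keys and to which recipients they are sent. "Therefore" does not follow from the first sentence, and "a secure communication" should read "secure communication". The context line above states only the sending-side rule (encrypt only for endpoints with authenticated keys); consider also stating a receiving-side baseline here, since both sentences are SHOULD-level and leave the handling of trust messages from unauthenticated senders entirely to the using protocol.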