diff --git a/inbox/preauth-ibr.xml b/inbox/preauth-ibr.xml new file mode 100644 index 00000000..20af34d9 --- /dev/null +++ b/inbox/preauth-ibr.xml @@ -0,0 +1,194 @@ + + +%ents; +]> + + +
+ Pre-auth Registration Key Generation and Validation + + This specification updates XEP-0401 and XEP-0445 by specifying a shared + format for the pre-authenticated registration token. + + &LEGALNOTICE; + xxxx + ProtoXEP + Standards Track + Standards + Council + + XMPP Core + XEP-0401 + XEP-0445 + + + + preauth-token + &sam; + + 0.0.1 + 2021-06-06 + ssw +

First draft.

 + +
+ +

+ Both &xep0401; and &xep0445; specify a mechanism for requesting a token from + a server that can be exchanged for registration at a later date. + However, neither XEP defines the format of this token, or a recommended + algorithm for generating it. + This means that each server may choose a unique format and that any token + issuing entity must either only support a specific servers token format, or + must connect to the server with an admin account so that it can ask the + server for tokens. +

+

+ This specification rectifies this by specifying a server-agnostic format for + pre-auth tokens and an algorithm for generating them. + This enables third-party trusted services that share a private key to + sign a token that can later be verified by the server to register a user. +

+ + + + + +
+ +
Authentication server
+
+ The server authenticating the user using IBR or SASL, normally the XMPP + server. +
+ + +
Authorization server
+
+ A server issuing a token authorizing the user to register. + This may be the XMPP server, or another entity that shares its private + key. +
+ + +
IBR
+
+ In-band Registration, as defined by either &xep0077; or &xep0389; +
+ + +
Key
+
+ A shared secret that is used to sign and validate tokens. +
+ +
+ + + + + +

+ The following algorithm is used to generate tokens where "," is a separator + and not part of any actual input and $key is the shared secret key. + All uses of base64 are the Raw URL encoding (with no padding characters) + defined in &rfc4648; + HMAC-SHA256 is a Keyed-Hash Message Authentication Code (see &nistfips198a;) + using the SHA256 hashing algorithm (see &nistfips180-2;). +

+ +// Current time rounded up and converted to milliseconds. +expiration = ($currentTime + 1e6 -1) / 1e6 +jids = { + JID1, ':', + JID2, ':', + JID3, ':', + … + JIDFinal + } +signature = HMAC-SHA256 + ( + $key, + $jids, ':', + $expiration + ) +token = { + base64-raw-url($signature), ':', + base64-raw-url($jids), ':', + $expiration, + } + + + +

+ If the shared key is longer than the block size it will be hashed by some + HMAC implementations, otherwise it is left unhashed. + This is not represented in the algorithm above, but if it is not done the + user must determine whether the input key needs hashing themselves. + Input keys shorter than the block size are not hashed. +

+ + +

+ The secret key SHOULD be at least half the length of the SHA256 output (ie. + 16 bytes). + No key stretching is performed by this algorithm, so the user should take + care to pick a long key. +

+

+ Creation of the secret key MUST NOT require communication between the + authentication server, the authorization server, or a third party such as a + database. +

+ + +

This document requires no interaction with &IANA;

+ + +

This document requires no action from the ®ISTRAR;

+ + +

This document does not define an XML namespace requiring a schema.

+ +