mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-21 16:55:07 -05:00
0.12 RC1 security field, updated otr field
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@78 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
parent
0b36317705
commit
439f8a54b6
129
xep-0116.xml
129
xep-0116.xml
@ -69,6 +69,12 @@
|
||||
&ianpaterson;
|
||||
&stpeter;
|
||||
&dizzyd;
|
||||
<revision>
|
||||
<version>0.12</version>
|
||||
<date>2006-10-05</date>
|
||||
<initials>ip</initials>
|
||||
<remark><p>Replaced secure field with security field; changed otr field to list-single</p></remark>
|
||||
</revision>
|
||||
<revision>
|
||||
<version>0.11</version>
|
||||
<date>2006-10-02</date>
|
||||
@ -186,7 +192,7 @@
|
||||
<p>Note: If Alice believes Bob is offline then she SHOULD NOT use this negotiation protocol. However, she MAY use the protocol specified in <cite>Offline Encrypted Sessions</cite> to establish the ESession options and keys. Alternatively, she MAY send stanzas without encryption - in which case her client MUST make absolutely clear to her that the stanzas will not be protected and give her the option not to send the stanzas.</p>
|
||||
<p>Note: In any case, Alice MUST NOT initiate a new ESession with Bob if she already has one established with him.</p>
|
||||
<section2 topic="ESession Request" anchor='init-online-request'>
|
||||
<p>In addition to the "accept", "otr" and "secure" fields specified in <cite>Chat Session Negotiation</cite>, Alice MUST send to Bob each of the ESession options (see list below) that she is willing to use, in her order of preference (see <link url='#sec-mandatory'>Mandatory to Implement Technologies</link>). Note: Alice SHOULD NOT include a "reason" field since Aunt Tillie may not be aware the ESession request is <em>not</em> encrypted.</p>
|
||||
<p>In addition to the "accept", "otr" and "security" fields specified in <cite>Chat Session Negotiation</cite>, Alice MUST send to Bob each of the ESession options (see list below) that she is willing to use, in her order of preference (see <link url='#sec-mandatory'>Mandatory to Implement Technologies</link>). Note: Alice SHOULD NOT include a "reason" field since Aunt Tillie may not be aware the ESession request is <em>not</em> encrypted.</p>
|
||||
<ol>
|
||||
<li><p>The list of Modular Exponential (MODP) group numbers (as specified in &rfc2409; or &rfc3526;) that MAY be used for Diffie-Hellman key exchange (valid group numbers include 1,2,3,4,5,14,15,16,17 and 18)</p></li>
|
||||
<li><p>Symmetric block cipher algorithm names</p></li>
|
||||
@ -214,11 +220,14 @@
|
||||
<field type="boolean" var="accept">
|
||||
<value>1</value>
|
||||
</field>
|
||||
<field type="boolean" var="otr">
|
||||
<value>0</value>
|
||||
<field type="list-single" var="otr">
|
||||
<option><value>false</value></option>
|
||||
<option><value>true</value></option>
|
||||
</field>
|
||||
<field type="boolean" var="secure">
|
||||
<value>0</value>
|
||||
<field type="list-single" var="security">
|
||||
<option><value>c2sANDe2e</value></option>
|
||||
<option><value>e2e</value></option>
|
||||
<option><value>c2s</value></option>
|
||||
</field>
|
||||
<field type="list-single" var="modp">
|
||||
<option><value>5</value></option>
|
||||
@ -271,7 +280,8 @@
|
||||
</amp>
|
||||
</message>
|
||||
]]></example>
|
||||
<p>If Bob does not support one or more of the options in each ESession field, then he SHOULD return a &feature; error (but he MAY return no error if, for example, he does not want to reveal his presence to Alice for whatever reason):</p>
|
||||
<p>If Bob does not want to reveal presence to Alice for whatever reason then Bob SHOULD return no response or error.</p>
|
||||
<p>If Bob supports <em>none</em> of the options for one or more ESession fields, then he SHOULD return a ¬acceptable; error and SHOULD specify the field(s) with unsupported options in a comma-separated list in the XMPP <text/> element:</p>
|
||||
<example caption='Bob Informs Alice that Her Options Are Not Supported'><![CDATA[
|
||||
<message type='error'
|
||||
from='bob@example.com/laptop'
|
||||
@ -280,13 +290,13 @@
|
||||
...
|
||||
</feature>
|
||||
<error type='cancel'>
|
||||
<feature-not-implemented xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
||||
<unsupported-options xmlns='http://jabber.org/protocol/esession#error'/>
|
||||
<not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
||||
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>modp,ver</text>
|
||||
</error>
|
||||
</message>
|
||||
]]></example>
|
||||
<p>Either Bob or Alice MAY attempt to initiate a new ESession after any error during the negotiation process. However, both MUST consider the previous negotiation to have failed and MUST discard any information learned through the previous negotiation.</p>
|
||||
<p>If Bob is unwilling to start an ESession, but he <em>is</em> ready to initiate a one-to-one chat session with Alice (see <cite>Chat Session Negotiation</cite>), then he SHOULD accept the Chat Session and terminate the ESession negotiation by <em>not</em> including a 'nonce' field in his response.</p>
|
||||
<p>If Bob is unwilling to start an ESession, but he <em>is</em> ready to initiate a one-to-one chat session with Alice (see <cite>Chat Session Negotiation</cite>), and if Alice included an option for the "security" field with the value "none" or "c2s", then Bob SHOULD accept the Chat Session and terminate the ESession negotiation by specifying "none" or "c2s" for the value of the "security" field in his response.</p>
|
||||
<example caption='Bob Accepts Chat Session'><![CDATA[
|
||||
<message from='bob@example.com/laptop' to='alice@example.org/pda'>
|
||||
<feature xmlns='http://jabber.org/protocol/feature-neg'>
|
||||
@ -295,8 +305,8 @@
|
||||
<value>http://jabber.org/protocol/chatneg</value>
|
||||
</field>
|
||||
<field var="accept"><value>1</value></field>
|
||||
<field var="otr"><value>1</value></field>
|
||||
<field var="secure"><value>0</value></field>
|
||||
<field var="otr"><value>true</value></field>
|
||||
<field var="security"><value>c2s</value></field>
|
||||
</x>
|
||||
</feature>
|
||||
</message>
|
||||
@ -364,8 +374,8 @@
|
||||
<value>http://jabber.org/protocol/chatneg</value>
|
||||
</field>
|
||||
<field var="accept"><value>1</value></field>
|
||||
<field var="otr"><value>1</value></field>
|
||||
<field var="secure"><value>0</value></field>
|
||||
<field var="otr"><value>true</value></field>
|
||||
<field var="security"><value>e2e</value></field>
|
||||
<field var="modp"><value>5</value></field>
|
||||
<field var="crypt_algs"><value>aes256-ctr</value></field>
|
||||
<field var="hash_algs"><value>sha256</value></field>
|
||||
@ -400,8 +410,8 @@
|
||||
<value>http://jabber.org/protocol/chatneg</value>
|
||||
</field>
|
||||
<field var="accept"><value>1</value></field>
|
||||
<field var="otr"><value>1</value></field>
|
||||
<field var="secure"><value>0</value></field>
|
||||
<field var="otr"><value>true</value></field>
|
||||
<field var="security"><value>e2e</value></field>
|
||||
<field var="modp"><value>5</value></field>
|
||||
<field var="crypt_algs"><value>aes256-ctr</value></field>
|
||||
<field var="hash_algs"><value>sha256</value></field>
|
||||
@ -762,7 +772,7 @@
|
||||
<p>Alice and Bob MUST ensure that the value of e or d they provide when negotiating each online ESession is unique. This prevents complete online ESessions being replayed.</p>
|
||||
</section2>
|
||||
<section2 topic='Unencrypted ESessions' anchor='sec-unencrypted'>
|
||||
<p>Organisations with full disclosure policies may require entities to disable encryption to enable the logging of all messages on their server. Unencrypted ESessions meet all the <link url='#reqs-sec'>Security Requirements</link> except for Confidentiality. Unencrypted ESessions enable Alice to to confirm <em>securely</em> with Bob that both client-server connections are secure. i.e. that the value of the 'secure' option (as specified in <cite>Chat Session Negotiation</cite>) has not been tampered with.</p>
|
||||
<p>Organisations with full disclosure policies may require entities to disable encryption to enable the logging of all messages on their server. Unencrypted ESessions meet all the <link url='#reqs-sec'>Security Requirements</link> except for Confidentiality. Unencrypted ESessions enable Alice to to confirm <em>securely</em> with Bob that both client-server connections are secure. i.e. that the value of the 'security' option (as specified in <cite>Chat Session Negotiation</cite>) has not been tampered with.</p>
|
||||
</section2>
|
||||
<section2 topic='Storage' anchor='sec-storage'>
|
||||
<p>If either entity stores a (re-encrypted) transcript of an ESession for future consultation then the Perfect Forward Secrecy offered by this protocol is lost. If the negotiated value of the 'otr' <cite>Chat Session Negotiation</cite> field is 'true' the entities SHOULD NOT store any part of the ESession content (not even in encrypted form).</p>
|
||||
@ -853,7 +863,6 @@
|
||||
<ul>
|
||||
<li>http://jabber.org/protocol/esession</li>
|
||||
<li>http://jabber.org/protocol/esession#init</li>
|
||||
<li>http://jabber.org/protocol/esession#error</li>
|
||||
</ul>
|
||||
</section2>
|
||||
<section2 topic='Field Standardization' anchor='registrar-formtype'>
|
||||
@ -863,6 +872,30 @@
|
||||
<name>http://jabber.org/protocol/esession</name>
|
||||
<jep>XEP-0116</jep>
|
||||
<desc>ESession negotiation forms</desc>
|
||||
<field
|
||||
var='compress'
|
||||
type='list-single'
|
||||
label='Compression algorithm options'/>
|
||||
<field
|
||||
var='counter'
|
||||
type='hidden'
|
||||
label='Initial block counter'/>
|
||||
<field
|
||||
var='crypt_algs'
|
||||
type='list-single'
|
||||
label='Symmetric block cipher options'/>
|
||||
<field
|
||||
var='expires'
|
||||
type='hidden'
|
||||
label='Expiry time of offline ESession options'/>
|
||||
<field
|
||||
var='hash_algs'
|
||||
type='list-single'
|
||||
label='Hash algorithm options'/>
|
||||
<field
|
||||
var='keys'
|
||||
type='hidden'
|
||||
label='Diffie-Hellman keys'/>
|
||||
<field
|
||||
var='match_resource'
|
||||
type='text-single'
|
||||
@ -871,62 +904,38 @@
|
||||
var='modp'
|
||||
type='list-single'
|
||||
label='MODP group number'/>
|
||||
<field
|
||||
var='crypt_algs'
|
||||
type='list-single'
|
||||
label='Symmetric block cipher options'/>
|
||||
<field
|
||||
var='hash_algs'
|
||||
type='list-single'
|
||||
label='Hash algorithm options'/>
|
||||
<field
|
||||
var='sign_algs'
|
||||
type='list-single'
|
||||
label='Signature algorithm options'/>
|
||||
<field
|
||||
var='compress'
|
||||
type='list-single'
|
||||
label='Compression algorithm options'/>
|
||||
<field
|
||||
var='stanzas'
|
||||
type='list-multi'
|
||||
label='Stanzas types to encrypt'/>
|
||||
<field
|
||||
var='pk_hash'
|
||||
type='boolean'
|
||||
label='Respond with public key fingerprint'/>
|
||||
<field
|
||||
var='ver'
|
||||
type='list-single'
|
||||
label='Supported versions of XEP-0116'/>
|
||||
<field
|
||||
var='rekey_freq'
|
||||
type='text-single'
|
||||
label='Minimum number of stanzas between key exchanges'/>
|
||||
<field
|
||||
var='keys'
|
||||
type='hidden'
|
||||
label='Diffie-Hellman keys'/>
|
||||
<field
|
||||
var='my_nonce'
|
||||
type='hidden'
|
||||
label='ESession ID of Sender'/>
|
||||
<field
|
||||
var='expires'
|
||||
type='hidden'
|
||||
label='Expiry time of offline ESession options'/>
|
||||
<field
|
||||
var='nonce'
|
||||
type='hidden'
|
||||
label='ESession ID of Receiver'/>
|
||||
<field
|
||||
var='counter'
|
||||
type='hidden'
|
||||
label='Initial block counter'/>
|
||||
var='pk_hash'
|
||||
type='boolean'
|
||||
label='Respond with public key fingerprint'/>
|
||||
<field
|
||||
var='rekey_freq'
|
||||
type='text-single'
|
||||
label='Minimum number of stanzas between key exchanges'/>
|
||||
<field
|
||||
var='sign_algs'
|
||||
type='list-single'
|
||||
label='Signature algorithm options'/>
|
||||
<field
|
||||
var='signs'
|
||||
type='list-single'
|
||||
label='Data form signatures'/>
|
||||
<field
|
||||
var='stanzas'
|
||||
type='list-multi'
|
||||
label='Stanzas types to encrypt'/>
|
||||
<field
|
||||
var='ver'
|
||||
type='list-single'
|
||||
label='Supported versions of XEP-0116'/>
|
||||
</form_type>
|
||||
|
||||
<form_type>
|
||||
|
Loading…
Reference in New Issue
Block a user