0.12 RC1 security field, updated otr field

git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@78 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Ian Paterson 2006-10-05 19:13:50 +00:00
parent 0b36317705
commit 439f8a54b6
1 changed files with 69 additions and 60 deletions

View File

@ -69,6 +69,12 @@
&ianpaterson;
&stpeter;
&dizzyd;
<revision>
<version>0.12</version>
<date>2006-10-05</date>
<initials>ip</initials>
<remark><p>Replaced secure field with security field; changed otr field to list-single</p></remark>
</revision>
<revision>
<version>0.11</version>
<date>2006-10-02</date>
@ -186,7 +192,7 @@
<p>Note: If Alice believes Bob is offline then she SHOULD NOT use this negotiation protocol. However, she MAY use the protocol specified in <cite>Offline Encrypted Sessions</cite> to establish the ESession options and keys. Alternatively, she MAY send stanzas without encryption - in which case her client MUST make absolutely clear to her that the stanzas will not be protected and give her the option not to send the stanzas.</p>
<p>Note: In any case, Alice MUST NOT initiate a new ESession with Bob if she already has one established with him.</p>
<section2 topic="ESession Request" anchor='init-online-request'>
<p>In addition to the "accept", "otr" and "secure" fields specified in <cite>Chat Session Negotiation</cite>, Alice MUST send to Bob each of the ESession options (see list below) that she is willing to use, in her order of preference (see <link url='#sec-mandatory'>Mandatory to Implement Technologies</link>). Note: Alice SHOULD NOT include a "reason" field since Aunt Tillie may not be aware the ESession request is <em>not</em> encrypted.</p>
<p>In addition to the "accept", "otr" and "security" fields specified in <cite>Chat Session Negotiation</cite>, Alice MUST send to Bob each of the ESession options (see list below) that she is willing to use, in her order of preference (see <link url='#sec-mandatory'>Mandatory to Implement Technologies</link>). Note: Alice SHOULD NOT include a "reason" field since Aunt Tillie may not be aware the ESession request is <em>not</em> encrypted.</p>
<ol>
<li><p>The list of Modular Exponential (MODP) group numbers (as specified in &rfc2409; or &rfc3526;) that MAY be used for Diffie-Hellman key exchange (valid group numbers include 1,2,3,4,5,14,15,16,17 and 18)</p></li>
<li><p>Symmetric block cipher algorithm names</p></li>
@ -214,11 +220,14 @@
<field type="boolean" var="accept">
<value>1</value>
</field>
<field type="boolean" var="otr">
<value>0</value>
<field type="list-single" var="otr">
<option><value>false</value></option>
<option><value>true</value></option>
</field>
<field type="boolean" var="secure">
<value>0</value>
<field type="list-single" var="security">
<option><value>c2sANDe2e</value></option>
<option><value>e2e</value></option>
<option><value>c2s</value></option>
</field>
<field type="list-single" var="modp">
<option><value>5</value></option>
@ -271,7 +280,8 @@
</amp>
</message>
]]></example>
<p>If Bob does not support one or more of the options in each ESession field, then he SHOULD return a &feature; error (but he MAY return no error if, for example, he does not want to reveal his presence to Alice for whatever reason):</p>
<p>If Bob does not want to reveal presence to Alice for whatever reason then Bob SHOULD return no response or error.</p>
<p>If Bob supports <em>none</em> of the options for one or more ESession fields, then he SHOULD return a &notacceptable; error and SHOULD specify the field(s) with unsupported options in a comma-separated list in the XMPP &lt;text/&gt; element:</p>
<example caption='Bob Informs Alice that Her Options Are Not Supported'><![CDATA[
<message type='error'
from='bob@example.com/laptop'
@ -280,13 +290,13 @@
...
</feature>
<error type='cancel'>
<feature-not-implemented xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<unsupported-options xmlns='http://jabber.org/protocol/esession#error'/>
<not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>modp,ver</text>
</error>
</message>
]]></example>
<p>Either Bob or Alice MAY attempt to initiate a new ESession after any error during the negotiation process. However, both MUST consider the previous negotiation to have failed and MUST discard any information learned through the previous negotiation.</p>
<p>If Bob is unwilling to start an ESession, but he <em>is</em> ready to initiate a one-to-one chat session with Alice (see <cite>Chat Session Negotiation</cite>), then he SHOULD accept the Chat Session and terminate the ESession negotiation by <em>not</em> including a 'nonce' field in his response.</p>
<p>If Bob is unwilling to start an ESession, but he <em>is</em> ready to initiate a one-to-one chat session with Alice (see <cite>Chat Session Negotiation</cite>), and if Alice included an option for the "security" field with the value "none" or "c2s", then Bob SHOULD accept the Chat Session and terminate the ESession negotiation by specifying "none" or "c2s" for the value of the "security" field in his response.</p>
<example caption='Bob Accepts Chat Session'><![CDATA[
<message from='bob@example.com/laptop' to='alice@example.org/pda'>
<feature xmlns='http://jabber.org/protocol/feature-neg'>
@ -295,8 +305,8 @@
<value>http://jabber.org/protocol/chatneg</value>
</field>
<field var="accept"><value>1</value></field>
<field var="otr"><value>1</value></field>
<field var="secure"><value>0</value></field>
<field var="otr"><value>true</value></field>
<field var="security"><value>c2s</value></field>
</x>
</feature>
</message>
@ -364,8 +374,8 @@
<value>http://jabber.org/protocol/chatneg</value>
</field>
<field var="accept"><value>1</value></field>
<field var="otr"><value>1</value></field>
<field var="secure"><value>0</value></field>
<field var="otr"><value>true</value></field>
<field var="security"><value>e2e</value></field>
<field var="modp"><value>5</value></field>
<field var="crypt_algs"><value>aes256-ctr</value></field>
<field var="hash_algs"><value>sha256</value></field>
@ -400,8 +410,8 @@
<value>http://jabber.org/protocol/chatneg</value>
</field>
<field var="accept"><value>1</value></field>
<field var="otr"><value>1</value></field>
<field var="secure"><value>0</value></field>
<field var="otr"><value>true</value></field>
<field var="security"><value>e2e</value></field>
<field var="modp"><value>5</value></field>
<field var="crypt_algs"><value>aes256-ctr</value></field>
<field var="hash_algs"><value>sha256</value></field>
@ -762,7 +772,7 @@
<p>Alice and Bob MUST ensure that the value of e or d they provide when negotiating each online ESession is unique. This prevents complete online ESessions being replayed.</p>
</section2>
<section2 topic='Unencrypted ESessions' anchor='sec-unencrypted'>
<p>Organisations with full disclosure policies may require entities to disable encryption to enable the logging of all messages on their server. Unencrypted ESessions meet all the <link url='#reqs-sec'>Security Requirements</link> except for Confidentiality. Unencrypted ESessions enable Alice to to confirm <em>securely</em> with Bob that both client-server connections are secure. i.e. that the value of the 'secure' option (as specified in <cite>Chat Session Negotiation</cite>) has not been tampered with.</p>
<p>Organisations with full disclosure policies may require entities to disable encryption to enable the logging of all messages on their server. Unencrypted ESessions meet all the <link url='#reqs-sec'>Security Requirements</link> except for Confidentiality. Unencrypted ESessions enable Alice to to confirm <em>securely</em> with Bob that both client-server connections are secure. i.e. that the value of the 'security' option (as specified in <cite>Chat Session Negotiation</cite>) has not been tampered with.</p>
</section2>
<section2 topic='Storage' anchor='sec-storage'>
<p>If either entity stores a (re-encrypted) transcript of an ESession for future consultation then the Perfect Forward Secrecy offered by this protocol is lost. If the negotiated value of the 'otr' <cite>Chat Session Negotiation</cite> field is 'true' the entities SHOULD NOT store any part of the ESession content (not even in encrypted form).</p>
@ -853,7 +863,6 @@
<ul>
<li>http://jabber.org/protocol/esession</li>
<li>http://jabber.org/protocol/esession#init</li>
<li>http://jabber.org/protocol/esession#error</li>
</ul>
</section2>
<section2 topic='Field Standardization' anchor='registrar-formtype'>
@ -863,6 +872,30 @@
<name>http://jabber.org/protocol/esession</name>
<jep>XEP-0116</jep>
<desc>ESession negotiation forms</desc>
<field
var='compress'
type='list-single'
label='Compression algorithm options'/>
<field
var='counter'
type='hidden'
label='Initial block counter'/>
<field
var='crypt_algs'
type='list-single'
label='Symmetric block cipher options'/>
<field
var='expires'
type='hidden'
label='Expiry time of offline ESession options'/>
<field
var='hash_algs'
type='list-single'
label='Hash algorithm options'/>
<field
var='keys'
type='hidden'
label='Diffie-Hellman keys'/>
<field
var='match_resource'
type='text-single'
@ -871,62 +904,38 @@
var='modp'
type='list-single'
label='MODP group number'/>
<field
var='crypt_algs'
type='list-single'
label='Symmetric block cipher options'/>
<field
var='hash_algs'
type='list-single'
label='Hash algorithm options'/>
<field
var='sign_algs'
type='list-single'
label='Signature algorithm options'/>
<field
var='compress'
type='list-single'
label='Compression algorithm options'/>
<field
var='stanzas'
type='list-multi'
label='Stanzas types to encrypt'/>
<field
var='pk_hash'
type='boolean'
label='Respond with public key fingerprint'/>
<field
var='ver'
type='list-single'
label='Supported versions of XEP-0116'/>
<field
var='rekey_freq'
type='text-single'
label='Minimum number of stanzas between key exchanges'/>
<field
var='keys'
type='hidden'
label='Diffie-Hellman keys'/>
<field
var='my_nonce'
type='hidden'
label='ESession ID of Sender'/>
<field
var='expires'
type='hidden'
label='Expiry time of offline ESession options'/>
<field
var='nonce'
type='hidden'
label='ESession ID of Receiver'/>
<field
var='counter'
type='hidden'
label='Initial block counter'/>
var='pk_hash'
type='boolean'
label='Respond with public key fingerprint'/>
<field
var='rekey_freq'
type='text-single'
label='Minimum number of stanzas between key exchanges'/>
<field
var='sign_algs'
type='list-single'
label='Signature algorithm options'/>
<field
var='signs'
type='list-single'
label='Data form signatures'/>
<field
var='stanzas'
type='list-multi'
label='Stanzas types to encrypt'/>
<field
var='ver'
type='list-single'
label='Supported versions of XEP-0116'/>
</form_type>
<form_type>