mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-24 10:12:19 -05:00
XEP 274 and XEP 285 updates
parent
a6b90f6a7b
commit
6a6f013f4e
45
xep-0274.xml
@ -14,7 +14,7 @@
|
||||
<!ENTITY CDCIE-CCP "<span class='ref'>CDCIE-CCP</span> <note>Cross Domain Collaborative Information Environment (CDCIE) Chat Client Protocol Specification, Version 2.0, Trident Systems, Inc., 12 March 2008</note>" >
|
||||
<!ENTITY XMLDSIG "<span class='ref'><link url='http://www.w3.org/TR/xmldsig-core/'>XMLDSIG</link></span> <note>XML Signature Syntax and Processing, W3C Recommendation, 10 June 2008 <<link url='http://www.w3.org/TR/xmldsig-core/'>http://www.w3.org/TR/xmldsig-core/</link>>.</note>" >
|
||||
<!ENTITY XPointer "<span class='ref'><link url='http://www.w3.org/TR/xptr'>XPointer</link></span> <note>XML Pointer Language (XPointer), W3C Recommendation, 8 June 2001 <<link url='http://www.w3.org/TR/xptr'>http://www.w3.org/TR/xptr</link>>.</note>" >
|
||||
<!ENTITY xmppdsig "<span class='ref'><link url='http://xmpp.org/extensions/inbox/dsig.html'>XMPP DSIG</link></span> <note>XMPP Digital Signatures <<link url='http://xmpp.org/extensions/inbox/dsig.html'>http://xmpp.org/extensions/inbox/dsig.html</link>>.</note>" >%ents;
|
||||
<!ENTITY xmpp-dsig-new "<span class='ref'><link url='http://xmpp.org/extensions/inbox/encapsulated-signatures.html'>XMPP DSIG</link></span> <note>Encapsulated Digital Signatures in XMPP <<link url='http://xmpp.org/extensions/inbox/encapsulated-signatures.html'>http://xmpp.org/extensions/inbox/encapsulated-signatures.html</link>>.</note>" >%ents;
|
||||
]>
|
||||
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
||||
<xep>
|
||||
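Review bot: the new xmpp-dsig-new entity still renders its link text as "XMPP DSIG", the same label carried by the xmppdsig entity line above it, so the name alone does not tell a reader whether the encapsulated-signatures.html proposal or the earlier dsig.html document is meant. Give the new entity a distinct label, for example the title already in its note, "Encapsulated Digital Signatures in XMPP", and use one abbreviation for it wherever the entity is referenced.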
@ -35,6 +35,15 @@
|
||||
<supersededby/>
|
||||
<shortname>N/A</shortname>
|
||||
&kdz;
|
||||
<revision>
|
||||
<version>0.3</version>
|
||||
<date>201l-01-12</date>
|
||||
<initials>kdz</initials>
|
||||
<remark>
|
||||
<p>Update discussions based upon introduction of Encapsulated Digital Signatures in XMPP,
|
||||
an alternative to XEP-0285.</p>
|
||||
</remark>
|
||||
</revision>
|
||||
<revision>
|
||||
<version>0.2</version>
|
||||
<date>2010-09-29</date>
|
||||
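Review bot: the date in the new 0.3 revision block reads `<date>201l-01-12</date>`, with a lowercase letter l where the last digit of the year should be. It should be 2011-01-12, matching the 0.3 revision date used in xep-0285.xml in this same commit. A non-numeric date can also break any tooling that sorts or validates revision dates.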
@ -243,14 +252,12 @@
|
||||
<p>At the time of this writing, XMPP E2E has not been widely implemented. XMPP E2E appears to
|
||||
have limited applicability. </p>
|
||||
</section2>
|
||||
<section2 topic="XMPP DSIG" anchor="xmpp-dsig">
|
||||
<p>The &xep0285; (XMPP DSIG), like the XMPP E2E, uses an encapsulating
|
||||
signature to protects the signed content from alteration as it is exchanged over an XMPP
|
||||
network. XMPP DSIG avoids certain dependencies which are believed to have hindered
|
||||
implementation of XMPP E2E. It is hoped that the XMPP DSIG will prove to be more viable
|
||||
solution than XMPP E2E. Like XMPP E2E, XMPP DSIG does not support <em>optimistic signing</em>.</p>
|
||||
<p>At the time of this writing, XMPP DSIG was just introduced.</p>
|
||||
<p/>
|
||||
<section2 topic="PGP signatures in XMPP" anchor="xmpp-e2e">
|
||||
<p>The &xep0027; (XMPP PGP), like the XMPP E2E, uses an encapsulating signature to protects
|
||||
the signed content from alteration as it is exchanged over an XMPP network. Like
|
||||
XMPP E2E, it is intended to be an end-to-end solution.</p>
|
||||
<p>At the time of this writing, XMPP PGP has not been widely implemented (though some
|
||||
implementations do exist). XMPP PGP appears to have limited applicability.</p>
|
||||
</section2>
|
||||
<section2 topic="CDCIE-CCP" anchor="cdcie-ccp">
|
||||
<p>Alternative approaches have been developed. For instance, the Cross Domain Collaborative
|
||||
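Review bot: the new "PGP signatures in XMPP" section is declared with anchor="xmpp-e2e", which names XMPP E2E rather than XMPP PGP and looks copied from the preceding section. If that section uses the same anchor, links to #xmpp-e2e become ambiguous, so use a distinct anchor such as xmpp-pgp. The new paragraph also carries over "to protects", which should read "to protect".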
@ -265,14 +272,22 @@
|
||||
<p>While this approach has been implemented and deployed to some extent, the approach appears
|
||||
to have applicability limited to the CDCIE.</p>
|
||||
</section2>
|
||||
<section2 topic="Encapsulated Digitial Signatures in XMPP" anchor="xmpp-ed-dsig">
|
||||
<p>The &xmpp-dsig-new; (XMPP DSIG) is an encapsulated signature proposal similar to
|
||||
that encapsulated approach suggested below.</p>
|
||||
<p>Unlike CDCIE-CCP approach, XMPP DSIG signatures are not "enveloped" signatures over the
|
||||
whole stanza but signatures over a manifest and descriptive objects detailing the stanza
|
||||
contents.</p>
|
||||
</section2>
|
||||
</section1>
|
||||
|
||||
<section1 topic="Protocol Design Discussion" anchor="design">
|
||||
<section2 topic="Encapsulated v. Encapsulating Signatures" anchor="encap">
|
||||
<p>An encapsulating signature is a signature approach that encapsulates the signed content
|
||||
within the signature syntax. An encapsulated signature is a signature approach where the
|
||||
signature syntax in encapsulated within the structure of the signed content. XMPP E2E and
|
||||
XMPP DSIG are examples of the former. CDCIE-CCP is an example of the latter.</p>
|
||||
signature syntax in encapsulated within the structure of the signed content. XMPP E2E
|
||||
and XMPP PGP are examples of the former. CDCIE-CCP and XMPP DSIG are examples
|
||||
of the latter.</p>
|
||||
|
||||
<p>The following example illustrates, using pseudo language, an encapsulating signature over a
|
||||
&MESSAGE; stanza.</p>
|
||||
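Review bot: the topic attribute of the new section misspells "Digital" as "Digitial" in `<section2 topic="Encapsulated Digitial Signatures in XMPP" anchor="xmpp-ed-dsig">`, and that string becomes the rendered heading and table-of-contents entry. In the same hunk, "similar to that encapsulated approach" should read "similar to the encapsulated approach", "Unlike CDCIE-CCP approach" needs an article, and the rewritten line "signature syntax in encapsulated within" should read "is encapsulated within". Since "XMPP DSIG" now moves from the encapsulating list to the encapsulated list in the design discussion, say in the text which document the abbreviation refers to.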
@ -311,8 +326,8 @@
|
||||
</encapsulated-signature>
|
||||
</message>
|
||||
]]></example>
|
||||
<p>Applicability of a simple (non-nesting) encapsulating signatures, such as in XMPP E2E and
|
||||
XMPP DSIG, are generally limited to end-to-end use cases. That is, cases where the
|
||||
<p>Applicability of a simple (non-nesting) encapsulating signatures, such as in XMPP E2E
|
||||
and XMPP PGP, are generally limited to end-to-end use cases. That is, cases where the
|
||||
originator of a stanza signs the stanza and send it through the XMPP network to its intended
|
||||
recipient, and only the intended recipient is expected to make use of the signed content.
|
||||
Entities between the signer and the intended recipient are expected to forward of the stanza
|
||||
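Review bot: the rewritten sentence keeps a subject and verb mismatch, "Applicability of a simple (non-nesting) encapsulating signatures ... are generally limited". While these two lines are being touched, change it to "Applicability of simple (non-nesting) encapsulating signatures ... is generally limited". The context lines below also read "send it" and "to forward of the stanza", which could be fixed in the same pass.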
@ -456,12 +471,12 @@
|
||||
</Manifest>
|
||||
</Object>
|
||||
<Object>
|
||||
<XMPPprop id='X-xmppprop'>
|
||||
<XMPPproperties id='X-xmppprop'>
|
||||
<stanza>message</stanza>
|
||||
<type>chat</type>
|
||||
<from>juliet@example.com</from>
|
||||
<to>romeo@example.net</to>
|
||||
</XMPPStanza>
|
||||
</XMPPproperties>
|
||||
</Object>
|
||||
<Object>
|
||||
<SignatureProperties id="X-sigprop" Target="#X-sig">
|
||||
|
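Review bot: the renamed `<XMPPproperties id='X-xmppprop'>` keeps single-quoted attributes while the sibling `<SignatureProperties id="X-sigprop" Target="#X-sig">` a few lines below uses double quotes. Pick one quoting style for the example while it is being edited. The commit message mentions only "updates", so it is also worth noting there that this hunk corrects the mismatched closing tag in the example.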
24
xep-0285.xml
@ -10,9 +10,9 @@
|
||||
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
||||
<xep>
|
||||
<header>
|
||||
<title>Digital Signatures in XMPP</title>
|
||||
<abstract>This document provides a technical specification for Digital Signatures in the
|
||||
Extensible Messaging and Presence Protocol (XMPP).</abstract> &LEGALNOTICE;
|
||||
<title>Encapsulating Digital Signatures in XMPP</title>
|
||||
<abstract>This document provides a technical specification for Encapsulating Digital Signatures
|
||||
in the Extensible Messaging and Presence Protocol (XMPP).</abstract> &LEGALNOTICE;
|
||||
<number>0285</number>
|
||||
<status>Experimental</status>
|
||||
<type>Standards Track</type>
|
||||
@ -26,6 +26,13 @@
|
||||
<supersededby/>
|
||||
<shortname>N/A</shortname>
|
||||
&kdz;
|
||||
<revision>
|
||||
<version>0.3</version>
|
||||
<date>2011-01-12</date>
|
||||
<initials>kdz</initials>
|
||||
<remark><p>Change title, and clarify in text, that this is an encapulating digital
|
||||
signature approach, an alternative to the encapulated digitial signatures proposal.</p></remark>
|
||||
</revision>
|
||||
<revision>
|
||||
<version>0.2</version>
|
||||
<date>2010-09-29</date>
|
||||
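Review bot: the new 0.3 remark contains three misspellings, "encapulating", "encapulated" and "digitial". It should read "this is an encapsulating digital signature approach, an alternative to the encapsulated digital signatures proposal", since the remark is rendered in the published revision history.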
@ -49,6 +56,9 @@
|
||||
</header>
|
||||
|
||||
<section1 topic="Introduction" anchor="intro">
|
||||
<p class='box'><em>This document is one of two proposals for digital signatures in XMPP. It is expected
|
||||
that only one of these proposals be progressed beyond Experimental on the Standards Track.</em></p>
|
||||
|
||||
<p>This document provides a technical specification for Digital Signatures in Extensible
|
||||
Messaging and Presence Protocol (&xmpp;) based upon End-to-End Object Encryption
|
||||
(&E2EEncrypt;) "work in progress".</p>
|
||||
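Review bot: the added box paragraph says this is "one of two proposals" but does not name or link the other one, so a reader of XEP-0285 has no way to find the alternative. Reference the Encapsulated Digital Signatures in XMPP proposal explicitly here. The unchanged paragraph that follows still says "technical specification for Digital Signatures", which no longer matches the new title and abstract; consider "Encapsulating Digital Signatures" there too. "be progressed" would also read better as "will progress".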
@ -59,9 +69,11 @@
|
||||
referred to as an "offline message"). The authors surmise that RFC 3923 has not been
|
||||
implemented mainly because it adds several new dependencies to XMPP clients, especially MIME
|
||||
(along with the CPIM and MSGFMT media types).</p>
|
||||
<p>This document explores the possibility of an
|
||||
approach that is similar to but simpler than RFC 3923. Like the approach detailed in RFC 3923,
|
||||
the approach detailed does not support <em>optimistic signing</em>.</p>
|
||||
<p>This document explores the possibility of an approach that is similar to but simpler than
|
||||
RFC 3923. Like the approach detailed in RFC 3923, the approach utilizes encapsulating
|
||||
digital signatures.</p>
|
||||
<p>Like other encapsulating signature approaches (e.g., &xep0027;), this approach does not
|
||||
support <em>optimistic signing</em>.</p>
|
||||
</section1>
|
||||
<section1 topic="Signing XMPP Stanzas" anchor="stanza">
|
||||
<p>The process that a sending agent follows for securing stanzas is very similar regardless of
|
||||
|
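Review bot: in the rewritten paragraph, "Like the approach detailed in RFC 3923, the approach utilizes encapsulating digital signatures" uses "the approach" for both RFC 3923's method and this document's. The next added paragraph says "this approach", so use "this approach utilizes" here as well. The term "optimistic signing" is still used without a definition or a pointer to where it is defined.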