moparisthebest
/
xeps
mirror of https://github.com/moparisthebest/xeps
1
0
Fork 0
Code Issues Releases Wiki Activity

Accept inbox/pubsub-targeted-encryption.xml as XEP-0477

This commit is contained in:
Jonas Schäfer 2022-12-20 18:43:14 +01:00
parent d78a3a3a0f
commit 89ec670e36
2 changed files with 128 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
xep-0477.xml Normal file
View File

@ -0,0 +1,127 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
<header>
<title>Pubsub Targeted Encryption</title>
<abstract>Specifies a way to encrypt pubsub items for a restricted set of entities</abstract>
&LEGALNOTICE;
<number>0477</number>
<status>Experimental</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
<spec>XEP-0001</spec>
<spec>XEP-0004</spec>
<spec>XEP-0060</spec>
<spec>XEP-0384</spec>
</dependencies>
<supersedes/>
<supersededby/>
<shortname>pte</shortname>
<author>
<firstname>Jérôme</firstname>
<surname>Poisson</surname>
<email>goffi@goffi.org</email>
<jid>goffi@jabber.fr</jid>
</author>
<revision>
<version>0.1.0</version>
<date>2022-12-20</date>
<initials>XEP Editor (jsc)</initials>
<remark>Accepted by vote of Council on 2022-11-30.</remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2022-10-31</date>
<initials>jp</initials>
<remark><p>First draft.</p></remark>
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>While it is nowadays possible to encrypt pubsub items with OpenPGP for XMPP Pubsub, this specification is designed for pubsub nodes were all items are end-to-end encrypted, and it is using symmetric encryption with a system of key sharing, meaning that if a key is available, it can decrypt all items encrypted with it.</p>
<p>This is fine for most use cases, however it may be desirable to only encrypt a few items with properties such as Perfect Forward Secrecy. This specification describes a way on how to do that by adapting existing end-to-end encryption algorithms used in instant messaging to pubsub items. This may be used to implement restricted items (a feature known is some other software such as "aspects" or "circles") or for transient nodes.</p>
</section1>
<section1 topic='Requirements' anchor='reqs'>
<p>The design goal of this specification is do adapt simply existing e2e encryption algorithms used for messages to pubsub items.</p>
</section1>
<section1 topic='Use Cases' anchor='usecases'>
<section2 topic='Encrypting a Pubsub Item' anchor='encrypt'>
<p>Juliet holds a public blog using &xep0277;. However, she wants to publish a new items that should be visible only to some well targeted users. To do so she encrypt the payload in the same way as she encrypt messages with algorithm such as &xep0384;. She wrap the encrypted payload in an &lt;encrypted/&gt; element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with its own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.</p>
<p>She decides to use &xep0384; to encrypt her items, her client publish an item like this:</p>
<example caption="Juliet Publish a Targeted Encrypted Item"><![CDATA[
<iq xmlns="jabber:client" id="pte_1" type="set" from="juliet@capulet.lit/chamber" to="juliet@capulet.lit">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<items node="urn:xmpp:microblog:0">
<item id="secret_blog_post" publisher="juliet@capulet.lit/chamber">
<encrypted xmlns="urn:xmpp:pte:0" by="juliet@capulet.lit" type="urn:xmpp:omemo:2">
<encrypted xmlns="urn:xmpp:omemo:2">
<header sid="878841001">
<keys jid="juliet@capulet.lit">
<key rid="673880319">ChDRqSBLTR+RtRIH8io7kf22EmgIARACGiCasIYfB6Zfe5SNyT8twIa+mEYA8h7uEQIjQ64dJx4vXiJAZSpXPRW+sVVSC7gc4lDEiTA4DT7AIh/woa82PFjgFdL0A8HTyBe7yh3UWThZGuTp5A3zmjXH7pAwKX85oxQ8XA==</key>
</keys>
</header>
<payload>DWmAVvrKlPPh23OmvmIrJmQXj5hVtgAnY8IOGZNqJc59T93hzsTen7tw7Kea5KfM3btfS25xd6RRWe0ZrqdvdGtKfHJFc77k5pQ052br4Qxw9kLWCVGqpNkrpwoBUshqs5mwA1WRLGdUfEsMaePwZv4m9xvXZSrxNIf9vQNX/GJM2GAT55exZSRU0Px8/E8j0XMtHCuZ4j3z0EBk1NZin0suQv8rVy1liWACPNuVrnU7h8LpdWmUggYztqL9l1yoxzEOFRrpdFkDqcZDLbO8bWAcYQNpWYoefaYvnvLV4zkW4dELQydSC2KkGMN/LmdYspVUPzPpQt7OmAKAndFWXTsAV5wmbtVsr15TzxI4NVDZyp7G70TYyTHlhG2gAq7StVj09bJi6IHa59L1BgNrNKT/ZG8pbe/GXUoPg4q9ZfuDiOYBHUugUxNsVFactRp6UocaQT/RogrqKY3o6NlTvnqVYpMJsi72cp8uQWTPtqwBpxyhAY0jKp1D+y7m2wzbeD2SZCw5+FryXulQhCKJ0dLI00PJr4dELWdu+uQLdyHl5FxG4D8mLQVOnY/TMa0vXUxsMAQI8g8LEHdJIhKU4GyVt125WhrbMrbcBu8iKCYmiz820siZeD8i5iZa1eQ69hnA9iCqMRS2DsqieUeI1Y4I7+0pHcyzpNC8408B7LhkgwxOEopExdOfv1NFwamsN5zXhCqj386oGRl9Ry0Gw+QSv9jlW4FB0rM8r+GF5gB66p0nYU/U5W8efXgNI/W1yAdUxgXc9FiQMmzIauTmR4m5WUxPjBggVYz1q3TkeZHQJpWy47EWZPnM9leWKNqC</payload>
</encrypted>
</encrypted>
</item>
</items>
</pubsub>
</iq>
]]></example>
</section2>
</section1>
<section1 topic='Business Rules' anchor='rules'>
<p>The properties of the encryption algorithm applies. For instance in the case of &xep0384;, there Perfect Forward Secrecy, meaning that once an item has been decrypted once by a targeted entity, it can't be decrypted anymore. Client shoud then handle pubsub caching of the decrypted item when necessary.</p>
</section1>
<section1 topic='Discovering Support' anchor='disco'>
<p>If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pte:0" discovery feature in response to a &xep0030; information request, Then the supported encryption algorithms are announced as explained in their respective XEPs.</p>
<example caption="Service Discovery information request"><![CDATA[
<iq type='get'
from='juliet@example.org/balcony'
to='romeo@example.org/orchard'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>]]></example>
<example caption="Service Discovery information response"><![CDATA[
<iq type='result'
from='romeo@example.org/orchard'
to='juliet@example.org/balcony'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:pte:0'/>
<feature var='urn:xmpp:omemo:2'/>
...
</query>
</iq>]]></example>
</section1>
<section1 topic='Security Considerations' anchor='security'>
<p>Security Considerations of used encryption specifications apply.</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>
<p>TODO</p>
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>TODO</p>
</section1>
<section1 topic='XML Schema' anchor='schema'>
<p>TODO</p>
</section1>
<section1 topic='Acknowledgements' anchor='acks'>
<p>Thanks to NLNet foundation/NGI0 Discovery for funding.</p>
</section1>
</xep>

1
xep.ent
View File

@ -1672,3 +1672,4 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates</link></span> <note>
<!ENTITY xep0474 "<span class='ref'><link url='https://xmpp.org/extensions/xep-0474.html'>SASL SCRAM Downgrade Protection (XEP-0474)</link></span> <note>XEP-0474: SASL SCRAM Downgrade Protection &lt;<link url='https://xmpp.org/extensions/xep-0474.html'>https://xmpp.org/extensions/xep-0474.html</link>&gt;.</note>" >
<!ENTITY xep0475 "<span class='ref'><link url='https://xmpp.org/extensions/xep-0475.html'>Pubsub Signing (XEP-0475)</link></span> <note>XEP-0475: Pubsub Signing &lt;<link url='https://xmpp.org/extensions/xep-0475.html'>https://xmpp.org/extensions/xep-0475.html</link>&gt;.</note>" >
<!ENTITY xep0476 "<span class='ref'><link url='https://xmpp.org/extensions/xep-0476.html'>Pubsub Signing: OpenPGP Profile (XEP-0476)</link></span> <note>XEP-0476: Pubsub Signing: OpenPGP Profile &lt;<link url='https://xmpp.org/extensions/xep-0476.html'>https://xmpp.org/extensions/xep-0476.html</link>&gt;.</note>" >
<!ENTITY xep0477 "<span class='ref'><link url='https://xmpp.org/extensions/xep-0477.html'>Pubsub Targeted Encryption (XEP-0477)</link></span> <note>XEP-0477: Pubsub Targeted Encryption &lt;<link url='https://xmpp.org/extensions/xep-0477.html'>https://xmpp.org/extensions/xep-0477.html</link>&gt;.</note>" >