From 89ec670e36191019c6c243487360f16862bb1883 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20Sch=C3=A4fer?= Date: Tue, 20 Dec 2022 18:43:14 +0100 Subject: [PATCH] Accept inbox/pubsub-targeted-encryption.xml as XEP-0477 --- xep-0477.xml | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++ xep.ent | 1 + 2 files changed, 128 insertions(+) create mode 100644 xep-0477.xml diff --git a/xep-0477.xml b/xep-0477.xml new file mode 100644 index 00000000..ae15bb58 --- /dev/null +++ b/xep-0477.xml @@ -0,0 +1,127 @@ + + +%ents; +]> + + +
+ Pubsub Targeted Encryption + Specifies a way to encrypt pubsub items for a restricted set of entities + &LEGALNOTICE; + 0477 + Experimental + Standards Track + Standards + Council + + XMPP Core + XEP-0001 + XEP-0004 + XEP-0060 + XEP-0384 + + + + pte + + Jérôme + Poisson + goffi@goffi.org + goffi@jabber.fr + + + 0.1.0 + 2022-12-20 + XEP Editor (jsc) + Accepted by vote of Council on 2022-11-30. + + + 0.0.1 + 2022-10-31 + jp +

First draft.

 + +
+ +

While it is nowadays possible to encrypt pubsub items with OpenPGP for XMPP Pubsub, this specification is designed for pubsub nodes were all items are end-to-end encrypted, and it is using symmetric encryption with a system of key sharing, meaning that if a key is available, it can decrypt all items encrypted with it.

+

This is fine for most use cases, however it may be desirable to only encrypt a few items with properties such as Perfect Forward Secrecy. This specification describes a way on how to do that by adapting existing end-to-end encryption algorithms used in instant messaging to pubsub items. This may be used to implement restricted items (a feature known is some other software such as "aspects" or "circles") or for transient nodes.

+ + +

The design goal of this specification is do adapt simply existing e2e encryption algorithms used for messages to pubsub items.

+ + + + +

Juliet holds a public blog using &xep0277;. However, she wants to publish a new items that should be visible only to some well targeted users. To do so she encrypt the payload in the same way as she encrypt messages with algorithm such as &xep0384;. She wrap the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with its own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.

+

She decides to use &xep0384; to encrypt her items, her client publish an item like this:

+ + + + + + +
+ + ChDRqSBLTR+RtRIH8io7kf22EmgIARACGiCasIYfB6Zfe5SNyT8twIa+mEYA8h7uEQIjQ64dJx4vXiJAZSpXPRW+sVVSC7gc4lDEiTA4DT7AIh/woa82PFjgFdL0A8HTyBe7yh3UWThZGuTp5A3zmjXH7pAwKX85oxQ8XA== + +
+ DWmAVvrKlPPh23OmvmIrJmQXj5hVtgAnY8IOGZNqJc59T93hzsTen7tw7Kea5KfM3btfS25xd6RRWe0ZrqdvdGtKfHJFc77k5pQ052br4Qxw9kLWCVGqpNkrpwoBUshqs5mwA1WRLGdUfEsMaePwZv4m9xvXZSrxNIf9vQNX/GJM2GAT55exZSRU0Px8/E8j0XMtHCuZ4j3z0EBk1NZin0suQv8rVy1liWACPNuVrnU7h8LpdWmUggYztqL9l1yoxzEOFRrpdFkDqcZDLbO8bWAcYQNpWYoefaYvnvLV4zkW4dELQydSC2KkGMN/LmdYspVUPzPpQt7OmAKAndFWXTsAV5wmbtVsr15TzxI4NVDZyp7G70TYyTHlhG2gAq7StVj09bJi6IHa59L1BgNrNKT/ZG8pbe/GXUoPg4q9ZfuDiOYBHUugUxNsVFactRp6UocaQT/RogrqKY3o6NlTvnqVYpMJsi72cp8uQWTPtqwBpxyhAY0jKp1D+y7m2wzbeD2SZCw5+FryXulQhCKJ0dLI00PJr4dELWdu+uQLdyHl5FxG4D8mLQVOnY/TMa0vXUxsMAQI8g8LEHdJIhKU4GyVt125WhrbMrbcBu8iKCYmiz820siZeD8i5iZa1eQ69hnA9iCqMRS2DsqieUeI1Y4I7+0pHcyzpNC8408B7LhkgwxOEopExdOfv1NFwamsN5zXhCqj386oGRl9Ry0Gw+QSv9jlW4FB0rM8r+GF5gB66p0nYU/U5W8efXgNI/W1yAdUxgXc9FiQMmzIauTmR4m5WUxPjBggVYz1q3TkeZHQJpWy47EWZPnM9leWKNqC + + + + + + +]]> + + + + + +

The properties of the encryption algorithm applies. For instance in the case of &xep0384;, there Perfect Forward Secrecy, meaning that once an item has been decrypted once by a targeted entity, it can't be decrypted anymore. Client shoud then handle pubsub caching of the decrypted item when necessary.

+ + + +

If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pte:0" discovery feature in response to a &xep0030; information request, Then the supported encryption algorithms are announced as explained in their respective XEPs.

+ + + +]]> + + + ... + + + ... + +]]> + + + + +

Security Considerations of used encryption specifications apply.

+ + + +

TODO

+ + +

TODO

+ + +

TODO

+ + +

Thanks to NLNet foundation/NGI0 Discovery for funding.

+ + diff --git a/xep.ent b/xep.ent index d7f49577..a444b777 100644 --- a/xep.ent +++ b/xep.ent @@ -1672,3 +1672,4 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates SASL SCRAM Downgrade Protection (XEP-0474) XEP-0474: SASL SCRAM Downgrade Protection <https://xmpp.org/extensions/xep-0474.html>." > Pubsub Signing (XEP-0475) XEP-0475: Pubsub Signing <https://xmpp.org/extensions/xep-0475.html>." > Pubsub Signing: OpenPGP Profile (XEP-0476) XEP-0476: Pubsub Signing: OpenPGP Profile <https://xmpp.org/extensions/xep-0476.html>." > +Pubsub Targeted Encryption (XEP-0477) XEP-0477: Pubsub Targeted Encryption <https://xmpp.org/extensions/xep-0477.html>." >