mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-21 16:55:07 -05:00
Merge pull request #552 from Flowdalic/xep-isr-sasl2
Update inbox/isr-sasl2.xml to 0.0.5
This commit is contained in:
commit
b691a40406
@ -1,9 +1,8 @@
|
|||||||
<?xml version='1.0' encoding='UTF-8'?>
|
<?xml version='1.0' encoding='UTF-8'?>
|
||||||
<!DOCTYPE xep SYSTEM 'xep.dtd' [
|
<!DOCTYPE xep SYSTEM 'xep.dtd' [
|
||||||
<!ENTITY % ents SYSTEM 'xep.ent'>
|
<!ENTITY % ents SYSTEM 'xep.ent'>
|
||||||
<!ENTITY tls13 "<span class='ref'><link url='https://tools.ietf.org/html/draft-ietf-tls-tls13-19'>draft-ietf-tls-tls13-19</link></span> <note>The Transport Layer Security (TLS) Protocol Version 1.3 <<link url='https://tools.ietf.org/html/draft-ietf-tls-tls13-19'>https://tools.ietf.org/html/draft-ietf-tls-tls13-19</link>>.</note>" >
|
<!ENTITY tls13 "<span class='ref'><link url='https://tools.ietf.org/html/draft-ietf-tls-tls13-21'>draft-ietf-tls-tls13-21</link></span> <note>The Transport Layer Security (TLS) Protocol Version 1.3 <<link url='https://tools.ietf.org/html/draft-ietf-tls-tls13-21'>https://tools.ietf.org/html/draft-ietf-tls-tls13-21</link>>.</note>" >
|
||||||
<!ENTITY iana-hash-alg "<span class='ref'><link url='https://www.iana.org/assignments/named-information/named-information.xhtml#hash-alg'>IANA Named Information Hash Algorithm Registry</link></span><note>IANA Named Information Hash Algorithm Registry <<link url='https://www.iana.org/assignments/named-information/named-information.xhtml#hash-alg'>https://www.iana.org/assignments/named-information/named-information.xhtml#hash-alg</link>>.</note>" >
|
<!ENTITY sasl-ht "<span class='ref'><link url='https://tools.ietf.org/html/draft-schmaus-kitten-sasl-ht-03'>draft-schmaus-sasl-ht-03</link></span><note>draft-schmaus-sasl-ht-03: The Hashed Token SASL Mechanism <<link url='https://tools.ietf.org/html/draft-schmaus-kitten-sasl-ht-03'>https://tools.ietf.org/html/draft-schmaus-kitten-sasl-ht-03</link>>.</note>" >
|
||||||
<!ENTITY iana-cbt "<span class='ref'><link url='https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml'>IANA Channel-Binding Types</link></span><note>IANA Channel-Binding Types<<link url='https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml'>https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml</link>>.</note>" >
|
|
||||||
%ents;
|
%ents;
|
||||||
]>
|
]>
|
||||||
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
||||||
@ -14,62 +13,7 @@
|
|||||||
<abstract>This specification introduces a mechanism for instant
|
<abstract>This specification introduces a mechanism for instant
|
||||||
stream resumption, based on Stream Management (XEP-0198), allowing
|
stream resumption, based on Stream Management (XEP-0198), allowing
|
||||||
XMPP entities to instantaneously resume an XMPP stream.</abstract>
|
XMPP entities to instantaneously resume an XMPP stream.</abstract>
|
||||||
|
&LEGALNOTICE;
|
||||||
<legal>
|
|
||||||
<copyright>This XMPP Extension Protocol is copyright (c) 1999 -
|
|
||||||
2016 by the XMPP Standards Foundation (XSF).</copyright>
|
|
||||||
|
|
||||||
<permissions>Permission is hereby granted, free of charge, to any
|
|
||||||
person obtaining a copy of this specification (the
|
|
||||||
"Specification"), to make use of the Specification
|
|
||||||
without restriction, including without limitation the rights to
|
|
||||||
implement the Specification in a software program, deploy the
|
|
||||||
Specification in a network service, and copy, modify, merge,
|
|
||||||
publish, translate, distribute, sublicense, or sell copies of the
|
|
||||||
Specification, and to permit persons to whom the Specification is
|
|
||||||
furnished to do so, subject to the condition that the foregoing
|
|
||||||
copyright notice and this permission notice shall be included in
|
|
||||||
all copies or substantial portions of the Specification. Unless
|
|
||||||
separate permission is granted, modified works that are
|
|
||||||
redistributed shall not contain misleading information regarding
|
|
||||||
the authors, title, number, or publisher of the Specification, and
|
|
||||||
shall not claim endorsement of the modified works by the authors,
|
|
||||||
any organization or project to which the authors belong, or the
|
|
||||||
XMPP Standards Foundation.</permissions>
|
|
||||||
|
|
||||||
<warranty>## NOTE WELL: This Specification is provided on an
|
|
||||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
||||||
KIND, express or implied, including, without limitation, any
|
|
||||||
warranties or conditions of TITLE, NON-INFRINGEMENT,
|
|
||||||
MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. In no event
|
|
||||||
shall the XMPP Standards Foundation or the authors of this
|
|
||||||
Specification be liable for any claim, damages, or other
|
|
||||||
liability, whether in an action of contract, tort, or otherwise,
|
|
||||||
arising from, out of, or in connection with the Specification or
|
|
||||||
the implementation, deployment, or other use of the
|
|
||||||
Specification. ##</warranty>
|
|
||||||
|
|
||||||
<liability>In no event and under no legal theory, whether in tort
|
|
||||||
(including negligence), contract, or otherwise, unless required by
|
|
||||||
applicable law (such as deliberate and grossly negligent acts) or
|
|
||||||
agreed to in writing, shall the XMPP Standards Foundation or any
|
|
||||||
author of this Specification be liable for damages, including any
|
|
||||||
direct, indirect, special, incidental, or consequential damages of
|
|
||||||
any character arising out of the use or inability to use the
|
|
||||||
Specification (including but not limited to damages for loss of
|
|
||||||
goodwill, work stoppage, computer failure or malfunction, or any
|
|
||||||
and all other commercial damages or losses), even if the XMPP
|
|
||||||
Standards Foundation or such author has been advised of the
|
|
||||||
possibility of such damages.</liability>
|
|
||||||
|
|
||||||
<conformance>This XMPP Extension Protocol has been contributed in
|
|
||||||
full conformance with the XSF's Intellectual Property Rights
|
|
||||||
Policy (a copy of which may be found at <<link
|
|
||||||
url='http://xmpp.org/extensions/ipr-policy.shtml'>http://xmpp.org/extensions/ipr-policy.shtml</link>>
|
|
||||||
or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201
|
|
||||||
USA).</conformance>
|
|
||||||
</legal>
|
|
||||||
|
|
||||||
<number>xxxx</number>
|
<number>xxxx</number>
|
||||||
<status>ProtoXEP</status>
|
<status>ProtoXEP</status>
|
||||||
<type>Standards Track</type>
|
<type>Standards Track</type>
|
||||||
@ -89,6 +33,23 @@
|
|||||||
<email>flo@geekplace.eu</email>
|
<email>flo@geekplace.eu</email>
|
||||||
<jid>flo@geekplace.eu</jid>
|
<jid>flo@geekplace.eu</jid>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.0.5</version>
|
||||||
|
<date>2017-11-30</date>
|
||||||
|
<initials>fs</initials>
|
||||||
|
<remark><p>Minor changes</p></remark>
|
||||||
|
</revision>
|
||||||
|
<revision>
|
||||||
|
<version>0.0.4</version>
|
||||||
|
<date>2017-10-15</date>
|
||||||
|
<initials>fs</initials>
|
||||||
|
<remark>
|
||||||
|
<ul>
|
||||||
|
<li>Bump SASL2 namespace to urn:xmpp:sasl:1, and as result:</li>
|
||||||
|
<li>Rename 'key' to 'token'</li>
|
||||||
|
</ul>
|
||||||
|
</remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.0.3</version>
|
<version>0.0.3</version>
|
||||||
<date>2017-03-17</date>
|
<date>2017-03-17</date>
|
||||||
@ -120,7 +81,7 @@
|
|||||||
url='http://xmpp.org/extensions/xep-0198.html#resumption'><cite>XEP-0198</cite>
|
url='http://xmpp.org/extensions/xep-0198.html#resumption'><cite>XEP-0198</cite>
|
||||||
§ 5</link>, the approach defined herein reduces the round trips
|
§ 5</link>, the approach defined herein reduces the round trips
|
||||||
required to resume a stream to exactly <em>one</em>. This is
|
required to resume a stream to exactly <em>one</em>. This is
|
||||||
achieved by using just a secure short-lived key to resume the
|
achieved by using just a secure short-lived token to resume the
|
||||||
stream.</p>
|
stream.</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
@ -133,7 +94,7 @@
|
|||||||
<dd>Instant Stream Resumption.</dd>
|
<dd>Instant Stream Resumption.</dd>
|
||||||
</di>
|
</di>
|
||||||
<di>
|
<di>
|
||||||
<dt>Instant Stream Resumption Key (ISR Key)</dt>
|
<dt>Instant Stream Resumption Token (ISR Token)</dt>
|
||||||
<dd>A shared secret that is exclusively ephemeral and represented as string.</dd>
|
<dd>A shared secret that is exclusively ephemeral and represented as string.</dd>
|
||||||
</di>
|
</di>
|
||||||
<di>
|
<di>
|
||||||
@ -155,7 +116,7 @@
|
|||||||
<p>XMPP entities providing Instant Stream Resumption MUST announce
|
<p>XMPP entities providing Instant Stream Resumption MUST announce
|
||||||
that functionality as stream feature, but only if an instant stream
|
that functionality as stream feature, but only if an instant stream
|
||||||
resumption is possible at this stage. The ISR stream future consists
|
resumption is possible at this stage. The ISR stream future consists
|
||||||
of an <isr/> element qualified by the 'urn:xmpp:isr:0'
|
of an <isr/> element qualified by the 'htpps://xmpp.org/extensions/isr/0'
|
||||||
namespace. And since ISR requires TLS, this means that the
|
namespace. And since ISR requires TLS, this means that the
|
||||||
<isr/> stream feature only appears on TLS secured
|
<isr/> stream feature only appears on TLS secured
|
||||||
connections.</p>
|
connections.</p>
|
||||||
@ -175,66 +136,64 @@
|
|||||||
<stream:features>
|
<stream:features>
|
||||||
<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/>
|
<bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/>
|
||||||
<sm xmlns='urn:xmpp:sm:3'/>
|
<sm xmlns='urn:xmpp:sm:3'/>
|
||||||
<isr xmlns='urn:xmpp:isr:0'>
|
<isr xmlns='https://xmpp.org/extensions/isr/0'>
|
||||||
<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
|
<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
|
||||||
<mechanism>X-HT-SHA-256-ENDP</mechanism>
|
<mechanism>HT-SHA-256-ENDP</mechanism>
|
||||||
</mechaisms>
|
</mechaisms>
|
||||||
</isr>
|
</isr>
|
||||||
</stream:features>
|
</stream:features>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
<p>Every ISR enabled entity MUST support the X-HT-SHA-256-ENDP
|
<p>Every ISR enabled entity SHOULD support the HT-SHA-256-ENDP
|
||||||
mechanism, support for X-HT-SHA-256-UNIQ is RECOMMENDED. The family
|
mechanism, support for HT-SHA-256-UNIQ is RECOMMENDED. The family
|
||||||
of SASL <cite>X-HT-*</cite> mechanisms is defined below in <link
|
of <cite>HT SASL</cite> mechanisms is specified in &sasl-ht;.</p>
|
||||||
url='#ht-sasl'>Section 6</link>.</p>
|
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='Obtaining a Instant Stream Resumption Key' anchor='obtain'>
|
<section1 topic='Obtaining a Instant Stream Resumption Token' anchor='obtain'>
|
||||||
|
|
||||||
<p>In order to obtain an ISR key, the requesting entity must add a
|
<p>In order to obtain an ISR token, the requesting entity must add an
|
||||||
'mechanism' attribute qualified by the 'urn:xmpp:isr:0' namespace to
|
'isr-enable' element qualified by the 'htpps://xmpp.org/extensions/isr/0' namespace to the
|
||||||
the <enable/> element as defined in &xep0198; when attempting
|
<enable/> element as defined in &xep0198; when attempting to
|
||||||
to enable Stream Management. The value of the 'mechanism' attribute
|
enable Stream Management. This <isr-enable/> element MUST contain a
|
||||||
is the name of the SASL mechanism the requesting entity will use
|
'mechanism' attribute containing the name of the SASL mechanism the
|
||||||
when performing ISR with the returned key. The entities involved in
|
requesting entity will use when performing ISR with the returned
|
||||||
ISR MUST only use or allow this mechanism when performing ISR with
|
token. The entities involved in ISR MUST only use or allow this
|
||||||
the according key. This effectively pins the SASL
|
mechanism when performing ISR with the according token. This
|
||||||
mechanism <note>Pinning the SASL mechanism is believed to
|
effectively pins the SASL mechanism <note>Pinning the SASL mechanism
|
||||||
increase the security</note>.</p>
|
is believed to increase the security</note>.</p>
|
||||||
|
|
||||||
<example caption='An <enable/gt; Nonza with the ISR 'mechanism' attribute'><![CDATA[
|
<example caption='An <enable/> Nonza with the ISR 'mechanism' element'><![CDATA[
|
||||||
<enable
|
<enable xmlns='urn:xmpp:sm:3'>
|
||||||
xmlns='urn:xmpp:sm:3'
|
<isr-enable xmlns='https://xmpp.org/extensions/isr/0' mechanism='HT-SHA-256-ENDP'/>
|
||||||
xmlns:isr='urn:xmpp:isr:0'
|
</enable>
|
||||||
isr:mechanism='X-HT-SHA-256-ENDP'/>
|
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
<p>Next, the <enabled/> Nonza (see &xep0360;) which is send as
|
<p>Next, the <enabled/> Nonza (see &xep0360;) which is send as
|
||||||
positive reply upon a request to enable Stream Management, MUST
|
positive reply upon a request to enable Stream Management, MUST
|
||||||
contain an 'key' attribute qualified by the 'urn:xmpp:isr:0'
|
contain an 'isr-enabled' element qualified by the 'htpps://xmpp.org/extensions/isr/0'
|
||||||
namespace containing a ISR key. The key MUST be newly generated by a
|
namespace containing a ISR token as value of its 'token' attribute. The
|
||||||
cryptographically secure random number generator and MUST contain at
|
token MUST be newly generated by a cryptographically secure random
|
||||||
lest 128 bit of entropy. The Nonza can optionally also contain a
|
number generator and MUST contain at least 128 bit of entropy. The
|
||||||
'location' attribute qualified by the 'urn:xmpp:isr:0' namespace
|
<isr-enabled/> element can optionally also contain a
|
||||||
|
'location' attribute
|
||||||
which specifies the preferred IP address or hostname, and a TCP port
|
which specifies the preferred IP address or hostname, and a TCP port
|
||||||
number of the host which should be used for instant stream
|
number of the host which should be used for instant stream
|
||||||
resumption.</p>
|
resumption.</p>
|
||||||
|
|
||||||
<example caption='An <enabled/> Nonza with a ISR key'><![CDATA[
|
<example caption='An <enabled/> Nonza with a ISR token'><![CDATA[
|
||||||
<enabled
|
<enabled xmlns='urn:xmpp:sm:3'>
|
||||||
xmlns='urn:xmpp:sm:3'
|
<isr-enabled xmlns='https://xmpp.org/extensions/isr/0' token='a0b9162d-0981-4c7d-9174-1f55aedd1f52'/>
|
||||||
xmlns:isr='urn:xmpp:isr:0'
|
</enabled>]]></example>
|
||||||
isr:key='a0b9162d-0981-4c7d-9174-1f55aedd1f52'/>]]></example>
|
|
||||||
|
|
||||||
<example caption='An <enabled/> Nonza with a ISR key and location'><![CDATA[
|
<example caption='An <enabled/> Nonza with a ISR token and location'><![CDATA[
|
||||||
<enabled
|
<enabled xmlns='urn:xmpp:sm:3'>
|
||||||
xmlns='urn:xmpp:sm:3'
|
<isr-enabled xmlns='https://xmpp.org/extensions/isr/0'
|
||||||
xmlns:isr='urn:xmpp:isr:0'
|
token='a0b9162d-0981-4c7d-9174-1f55aedd1f52'
|
||||||
isr:key='a0b9162d-0981-4c7d-9174-1f55aedd1f52'
|
location='isr.example.org:5222'/>
|
||||||
isr:location='isr.example.org:5222'/>]]></example>
|
</enabled>]]></example>
|
||||||
|
|
||||||
<p>The <enabled/> Nonza containing an ISR key MUST only be
|
<p>The <enabled/> Nonza containing an ISR token MUST only be
|
||||||
sent over TLS secured connections.</p>
|
sent over TLS secured connections.</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
@ -243,7 +202,7 @@
|
|||||||
|
|
||||||
<p>In order to instantaneously resume an XMPP stream the initiating
|
<p>In order to instantaneously resume an XMPP stream the initiating
|
||||||
entity, which is either an XMPP client or server, must posses a
|
entity, which is either an XMPP client or server, must posses a
|
||||||
valid ISR key. After it has obtained the ISR key, using the process
|
valid ISR token. After it has obtained the ISR token, using the process
|
||||||
described in the previous section, it first determines the host for
|
described in the previous section, it first determines the host for
|
||||||
resumption, and after that, tries to perform the instant stream
|
resumption, and after that, tries to perform the instant stream
|
||||||
resumption.</p>
|
resumption.</p>
|
||||||
@ -255,7 +214,7 @@
|
|||||||
|
|
||||||
<ol>
|
<ol>
|
||||||
<li>The host provided in the optional 'location' attribute
|
<li>The host provided in the optional 'location' attribute
|
||||||
qualified by the 'urn:xmpp:isr:0' namespace found in the
|
qualified by the 'htpps://xmpp.org/extensions/isr/0' namespace found in the
|
||||||
<enabled/> element of <cite>XEP-0198</cite> (the
|
<enabled/> element of <cite>XEP-0198</cite> (the
|
||||||
"isr:location").
|
"isr:location").
|
||||||
</li>
|
</li>
|
||||||
@ -269,7 +228,7 @@
|
|||||||
tried by the initiating entity in this order.</p>
|
tried by the initiating entity in this order.</p>
|
||||||
|
|
||||||
<p>Note that the hosts announced by the 'location' attribute
|
<p>Note that the hosts announced by the 'location' attribute
|
||||||
qualified by the 'urn:xmpp:isr:0' namespace MUST be connected to
|
qualified by the 'htpps://xmpp.org/extensions/isr/0' namespace MUST be connected to
|
||||||
using TLS from the beginning, i.e. <starttls/> MUST NOT be
|
using TLS from the beginning, i.e. <starttls/> MUST NOT be
|
||||||
used, instead the TLS handshake is performed right after
|
used, instead the TLS handshake is performed right after
|
||||||
establishing the connection.</p>
|
establishing the connection.</p>
|
||||||
@ -294,21 +253,18 @@
|
|||||||
<p>Now the initiating entity sends an XMPP <stream> open
|
<p>Now the initiating entity sends an XMPP <stream> open
|
||||||
element followed by a <authenticate/> Nonza as specified in
|
element followed by a <authenticate/> Nonza as specified in
|
||||||
the &xep0388;. The initiating entity must also provide a
|
the &xep0388;. The initiating entity must also provide a
|
||||||
<inst-resume/> element qualified by the 'urn:xmpp:isr:0'
|
<inst-resume/> element qualified by the 'htpps://xmpp.org/extensions/isr/0'
|
||||||
namespace, which must contain a <resume/> element as defined
|
namespace, which must contain a <resume/> element as defined
|
||||||
in &xep0198;.</p>
|
in &xep0198;.</p>
|
||||||
|
|
||||||
<p>If the 'without-isr-token' attribute is set to true, then the
|
<p>If the with-isr-token' attribute is set to 'false', then the
|
||||||
SASL mechanisms are performed as when traditionally authenticating
|
SASL mechanism is performed as when traditionally authenticating
|
||||||
the XMPP session. If the value of the attribute is 'false', which is
|
the XMPP session. If the value of the attribute is 'true', which is
|
||||||
the default value for this attribute, then the "password" given to
|
the default value for this attribute, then the "password" given to
|
||||||
the SASL mechanism is the ISR key. Note that this implies that only
|
the SASL mechanism is the ISR token. Note that this implies that only
|
||||||
SASL mechanisms which take a password/token can be used this
|
SASL mechanisms which take a password/token can be used this
|
||||||
way.</p>
|
way.</p>
|
||||||
|
|
||||||
<p>All ISR implementations MUST support the
|
|
||||||
X-HT-SHA-256-ENDP mechanism.</p>
|
|
||||||
|
|
||||||
<example caption='Initiating entity requests instant stream resumption via the Extensible SASL Profile (XEP-0388)'><![CDATA[
|
<example caption='Initiating entity requests instant stream resumption via the Extensible SASL Profile (XEP-0388)'><![CDATA[
|
||||||
<?xml version='1.0'?>
|
<?xml version='1.0'?>
|
||||||
<stream:stream
|
<stream:stream
|
||||||
@ -319,9 +275,9 @@
|
|||||||
xmlns='jabber:client'
|
xmlns='jabber:client'
|
||||||
xmlns:stream='http://etherx.jabber.org/streams'>
|
xmlns:stream='http://etherx.jabber.org/streams'>
|
||||||
|
|
||||||
<authenticate xmlns='urn:xmpp:sasl:0' mechanism='X-HT-SHA-256-ENDP'>
|
<authenticate xmlns='urn:xmpp:sasl:1' mechanism='HT-SHA-256-ENDP'>
|
||||||
<initial-response></initial-response>
|
<initial-response>[base64 encoded SASL data]</initial-response>
|
||||||
<inst-resume xmlns='urn:xmpp:isr:0' without-isr-token='false'/>
|
<inst-resume xmlns='https://xmpp.org/extensions/isr/0' with-isr-token='true'/>
|
||||||
<resume xmlns='urn:xmpp:sm:3'
|
<resume xmlns='urn:xmpp:sm:3'
|
||||||
h='some-sequence-number'
|
h='some-sequence-number'
|
||||||
previd='some-long-sm-id'/>
|
previd='some-long-sm-id'/>
|
||||||
@ -333,20 +289,20 @@
|
|||||||
stream resumption request together with then initial
|
stream resumption request together with then initial
|
||||||
<stream> open element. The initiating entity is able to do
|
<stream> open element. The initiating entity is able to do
|
||||||
so since it already knows that the service supports ISR because it
|
so since it already knows that the service supports ISR because it
|
||||||
announced an ISR key.</p>
|
announced an ISR token.</p>
|
||||||
|
|
||||||
<p>Servers MUST destroy the ISR key of a stream after an instant
|
<p>Servers MUST destroy the ISR token of a stream after an instant
|
||||||
stream resumption was attempted for that stream with an invalid ISR
|
stream resumption was attempted for that stream with an invalid ISR
|
||||||
key. Server implementations MUST implement the ISR key comparision in
|
token. Server implementations MUST implement the ISR token comparision in
|
||||||
linear runtime.</p>
|
linear runtime.</p>
|
||||||
|
|
||||||
<section3 topic='Successful Stream Resumption' anchor='isr-success'>
|
<section3 topic='Successful Stream Resumption' anchor='isr-success'>
|
||||||
|
|
||||||
<example caption='Successful Instant Stream Resumption'><![CDATA[
|
<example caption='Successful Instant Stream Resumption'><![CDATA[
|
||||||
<success xmlns='urn:xmpp:sasl:0'>z
|
<success xmlns='urn:xmpp:sasl:1'>z
|
||||||
<success-data></success-data>
|
<additional-data></additional-data>
|
||||||
<inst-resumed xmlns='urn:xmpp:isr:o'
|
<inst-resumed xmlns='https://xmpp.org/extensions/isr/0'
|
||||||
key='006b1a29-c549-41c7-a12c-2a931822f8c0'>
|
token='006b1a29-c549-41c7-a12c-2a931822f8c0'>
|
||||||
<resumed xmlns='urn:xmpp:sm:3' h='354' previd='123'/>
|
<resumed xmlns='urn:xmpp:sm:3' h='354' previd='123'/>
|
||||||
</inst-resumed>
|
</inst-resumed>
|
||||||
</success>
|
</success>
|
||||||
@ -354,17 +310,17 @@
|
|||||||
|
|
||||||
<p>On success the server replies with a <success/> nonza as
|
<p>On success the server replies with a <success/> nonza as
|
||||||
specified in the &xep0388;, which must include a
|
specified in the &xep0388;, which must include a
|
||||||
<inst-resumed/> element qualified by the 'urn:xmpp:isr:0'
|
<inst-resumed/> element qualified by the 'htpps://xmpp.org/extensions/isr/0'
|
||||||
namespace. This element MUST contain a <em>new</em> ISR Key found in
|
namespace. This element MUST contain a <em>new</em> ISR Token found in
|
||||||
the 'key' attribute. It also MUST include a <resumed/> as
|
the 'token' attribute. It also MUST include a <resumed/> as
|
||||||
specified in &xep0198; containing the sequence number of the last by
|
specified in &xep0198; containing the sequence number of the last by
|
||||||
Stream Management handled stanza in the 'h' attribute and the
|
Stream Management handled stanza in the 'h' attribute and the
|
||||||
'previd' attribute.</p>
|
'previd' attribute.</p>
|
||||||
|
|
||||||
<p>In case of an successful Instant Stream Resumption authenticated
|
<p>In case of an successful Instant Stream Resumption authenticated
|
||||||
by an ISR key, the server MUST immediately destroy the ISR key after
|
by an ISR token, the server MUST immediately destroy the ISR token after
|
||||||
authentication, i.e., it MUST no longer be possible to perform an
|
authentication, i.e., it MUST no longer be possible to perform an
|
||||||
ISR using that ISR key and Stream Management ID (SM-ID, see
|
ISR using that ISR token and Stream Management ID (SM-ID, see
|
||||||
&xep0198;) tuple.</p>
|
&xep0198;) tuple.</p>
|
||||||
|
|
||||||
<p>After the <inst-resumed/> was received and has been
|
<p>After the <inst-resumed/> was received and has been
|
||||||
@ -391,13 +347,13 @@
|
|||||||
but is unable to resume the stream instantly it MUST reply with a
|
but is unable to resume the stream instantly it MUST reply with a
|
||||||
<success/> Nonza as defined in the &xep0388; containing
|
<success/> Nonza as defined in the &xep0388; containing
|
||||||
a <inst-resume-failed/> element qualified by the
|
a <inst-resume-failed/> element qualified by the
|
||||||
'urn:xmpp:isr:0' namespace. This
|
'htpps://xmpp.org/extensions/isr/0' namespace. This
|
||||||
<inst-resume-failed/> MUST contain a <failed/>
|
<inst-resume-failed/> MUST contain a <failed/>
|
||||||
element as defined in &xep0198;.</p>
|
element as defined in &xep0198;.</p>
|
||||||
|
|
||||||
<example caption='Server indicates instant stream resumption failure'><![CDATA[
|
<example caption='Server indicates instant stream resumption failure'><![CDATA[
|
||||||
<success xmlns='urn:xmpp:sasl:0'>
|
<success xmlns='urn:xmpp:sasl:1'>
|
||||||
<inst-resume-failed xmlns='urn:xmpp:isr:0'>
|
<inst-resume-failed xmlns='https://xmpp.org/extensions/isr/0'>
|
||||||
<failed xmlns='urn:xmpp:sm:3'
|
<failed xmlns='urn:xmpp:sm:3'
|
||||||
h='another-sequence-number'>
|
h='another-sequence-number'>
|
||||||
<item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
<item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
|
||||||
@ -415,25 +371,23 @@
|
|||||||
|
|
||||||
</section3>
|
</section3>
|
||||||
|
|
||||||
<section3 topic='Multi SASL Mechanism ISR' anchor='multi-sasl-mech-isr'>
|
<section3 topic='Multi step authentication ISR' anchor='multi-step-auth-isr'>
|
||||||
|
|
||||||
<p>As specified in the &xep0388; § 2.6.4, a single SASL
|
<p>As specified in the &xep0388; § 2.6.3, sole SASL authentication
|
||||||
mechanism may not be sufficient for authentication. In this case,
|
may not be sufficient for authentication. In this case, the remote
|
||||||
the remote entity sends a <continue/> element as defined in
|
entity sends a <continue/> element as defined in &xep0388;
|
||||||
&xep0388; to request the local entity to perform another
|
to request the local entity to perform another
|
||||||
SASL mechanism. Performing instant stream resumption using
|
task.</p>
|
||||||
multiple SASL mechanisms MUST only be done if the
|
|
||||||
'without-isr-token' attribute is set to 'true'.</p>
|
|
||||||
|
|
||||||
<example caption='Server requires Multi SASL Mechanism ISR'><![CDATA[
|
<example caption='Server requires Multi SASL Mechanism ISR'><![CDATA[
|
||||||
<continue xmlns='urn:xmpp:sasl:0'>
|
<continue xmlns='urn:xmpp:sasl:1'>
|
||||||
<additional-data>
|
<additional-data>
|
||||||
T3B0aW9uYWwgQmFzZSA2NCBlbmNvZGVkIFNBU0wgc3VjY2VzcyBkYXRh
|
T3B0aW9uYWwgQmFzZSA2NCBlbmNvZGVkIFNBU0wgc3VjY2VzcyBkYXRh
|
||||||
</additional-data>
|
</additional-data>
|
||||||
<mechanisms>
|
<tasks>
|
||||||
<mechanism>HOTP-EXAMPLE</mechanism>
|
<task>HOTP-EXAMPLE</task>
|
||||||
<mechanism>TOTP-EXAMPLE</mechanism>
|
<task>TOTP-EXAMPLE</task>
|
||||||
<mechanisms>
|
<tasks>
|
||||||
</continue>
|
</continue>
|
||||||
]]></example>
|
]]></example>
|
||||||
|
|
||||||
@ -441,12 +395,15 @@
|
|||||||
|
|
||||||
<section3 topic='Failed ISR Authentication' anchor='isr-auth-failed'>
|
<section3 topic='Failed ISR Authentication' anchor='isr-auth-failed'>
|
||||||
|
|
||||||
<p>If the server is unable to authenticate the initiating entity it
|
<p>If the server is unable to authenticate the initiating entity
|
||||||
MUST reply with a <failure/> Nonza as defined in
|
it replies with a <failure/> Nonza as defined in
|
||||||
&xep0388;.</p>
|
&xep0388;. The server MUST delete any state of the stream which
|
||||||
|
was attempted to resume in case the SM-ID was correct but the
|
||||||
|
authentication failed.<note>This is to prevent brute force
|
||||||
|
attacks.</note></p>
|
||||||
|
|
||||||
<example caption='Server indicates instant stream resumption failure'><![CDATA[
|
<example caption='Server indicates instant stream resumption failure'><![CDATA[
|
||||||
<failure xmlns='urn:xmpp:sasl:0'>
|
<failure xmlns='urn:xmpp:sasl:1'>
|
||||||
<not-authorized xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
|
<not-authorized xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
|
||||||
</failure>
|
</failure>
|
||||||
]]></example>
|
]]></example>
|
||||||
@ -461,100 +418,19 @@
|
|||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
<section1 topic='The X-HT-* SASL Mechanism' anchor='ht-sasl'>
|
|
||||||
|
|
||||||
<p>This section specifies the Hashed Token (X-HT-*) SASL
|
|
||||||
mechanism. This mechanism was designed to be used with short-lived
|
|
||||||
tokens (shared secrets) for authentication. It provides hash
|
|
||||||
agility, mutual authentication and is secured by channel
|
|
||||||
binding. Since the token is not salted, and only one iteration is
|
|
||||||
used, the X-HT mechanism is not suitable to protect long-lived
|
|
||||||
shared secrets (e.g. "passwords"). You may want to look at &rfc5802;
|
|
||||||
for that.</p>
|
|
||||||
|
|
||||||
<section2 topic='The X-HT-* Family of Mechanisms' anchor='ht-sasl-mechanism-family'>
|
|
||||||
|
|
||||||
<p>Each mechanism in this family differs by the choice of the hash
|
|
||||||
algorithm and the choice of the channel binding type. Each
|
|
||||||
mechanism has a name of the form X-HT-[HA]-[CBT] where [HA] is the
|
|
||||||
"Hash Name String" of the &iana-hash-alg; registry in capital
|
|
||||||
letters, and [CBT] is one of 'ENDP' or 'UNIQ'. In case of 'ENDP',
|
|
||||||
the tls-server-end-point channel binding type is used. In case of
|
|
||||||
'UNIQ', the tls-unique channel binding type is used. For more
|
|
||||||
information about channel binding, see &rfc5929; and the
|
|
||||||
&iana-cbt; registry.</p>
|
|
||||||
|
|
||||||
<table caption='Mapping of CBT to Channel Bindings'>
|
|
||||||
<tr><th>CBT</th><th>Channel Binding Type</th></tr>
|
|
||||||
<tr><td>ENDP</td><td>tls-server-end-point</td></tr>
|
|
||||||
<tr><td>UNIQ</td><td>tls-unique</td></tr>
|
|
||||||
</table>
|
|
||||||
|
|
||||||
<p>The following table lists a few examples of X-HT-* SASL
|
|
||||||
mechanism names.</p>
|
|
||||||
|
|
||||||
<table caption='Example X-HT-* SASL mechanisms'>
|
|
||||||
<tr><th>Mechanism Name</th><th>Hash Algorithm</th><th>Channel-binding unique prefix</th></tr>
|
|
||||||
<tr><td>X-HT-SHA-512-ENDP</td><td>SHA-512 (FIPS 180-4)</td><td>tls-server-end-point</td></tr>
|
|
||||||
<tr><td>X-HT-SHA3-256-ENDP</td><td>SHA3-512 (FIPS 202)</td><td>tls-server-end-point</td></tr>
|
|
||||||
<tr><td>X-HT-SHA-512-UNIQ</td><td>SHA-512 (FIPS 180-4)</td><td>tls-unique</td></tr>
|
|
||||||
<tr><td>X-HT-SHA-256-UNIQ</td><td>SHA-256 (&rfc6920;)</td><td>tls-unique</td></tr>
|
|
||||||
</table>
|
|
||||||
</section2>
|
|
||||||
|
|
||||||
<section2 topic='The X-HT Mechanism' anchor='ht-sasl-mechanism'>
|
|
||||||
|
|
||||||
<p>The mechanism consists of a simple exchange of exactly two
|
|
||||||
messages between the initiator and responder. It starts with the
|
|
||||||
message from the initiator to the responder. This
|
|
||||||
'initiator-message' is defined as follows:</p>
|
|
||||||
|
|
||||||
<p class='box'>
|
|
||||||
initiator-message = HMAC(token, "Initiator" || cb-data)
|
|
||||||
</p>
|
|
||||||
|
|
||||||
<p>HMAC() is the function defined in &rfc2104; with H being the
|
|
||||||
chosen hash algorithm, 'cb-data' represents channel binding type
|
|
||||||
data, and 'token' are the UTF-8 (see &rfc3629;) encoded bytes of
|
|
||||||
the token String which acts as shared secret between initiator and
|
|
||||||
responder. The initiator-message MUST NOT be included in TLS 1.3
|
|
||||||
0-RTT early data (&tls13;).</p>
|
|
||||||
|
|
||||||
<p>This message is followed by a message from the responder to the
|
|
||||||
initiator. This 'responder-message' is defined as follows:</p>
|
|
||||||
|
|
||||||
<p class='box'>
|
|
||||||
responder-message = HMAC(token, "Responder" || cb-data)
|
|
||||||
</p>
|
|
||||||
|
|
||||||
<p>The initiating entity MUST verify the responder-message to
|
|
||||||
achieve mutual authentication.</p>
|
|
||||||
|
|
||||||
</section2>
|
|
||||||
|
|
||||||
<section2 topic='Security Considerations for the X-HT SASL Mechanism' anchor='ht-sasl-security-considerations'>
|
|
||||||
|
|
||||||
<p>To be secure, X-HT MUST be used over a TLS channel that has had
|
|
||||||
the session hash extension &rfc7627; negotiated, or session
|
|
||||||
resumption MUST NOT have been used.</p>
|
|
||||||
|
|
||||||
</section2>
|
|
||||||
|
|
||||||
</section1>
|
|
||||||
|
|
||||||
<section1 topic='Security Considerations' anchor='security'>
|
<section1 topic='Security Considerations' anchor='security'>
|
||||||
|
|
||||||
<p>Putting ISR data in <cite>TLS 1.3</cite> 0-RTT early data is
|
<p>Any ISR data SHALL NOT be part of <cite>TLS 1.3</cite> 0-RTT
|
||||||
forbidden. (TODO: Shall we weaken this requirement to allow early
|
early data. (TODO: Shall we weaken this requirement to allow early
|
||||||
data?. It would be technically possible if the sender does not add
|
data?. It would be technically possible if the sender does not add
|
||||||
additional data, for example Stanzas, after the ISR/XEP-0388 data at
|
additional data, for example Stanzas, after the ISR/XEP-0388 data at
|
||||||
the end of the early data. And if the receiver does ensure that the
|
the end of the early data. And if the receiver does ensure that the
|
||||||
existence of such additional data is causing an ISR failure.)</p>
|
existence of such additional data is causing an ISR failure.)</p>
|
||||||
|
|
||||||
<p>It is of vital importance that the Instant Stream Resumption Key
|
<p>It is of vital importance that the Instant Stream Resumption
|
||||||
is generated by a cryptographically secure random generator. See
|
Token is generated by a cryptographically secure random
|
||||||
&rfc4086; for more information about Randomness Requirements for
|
generator. See &rfc4086; for more information about Randomness
|
||||||
Security</p>
|
Requirements for Security.</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
@ -566,7 +442,7 @@
|
|||||||
|
|
||||||
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
|
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
|
||||||
|
|
||||||
<p>The ®ISTRAR; includes 'urn:xmpp:isr:0' in its registry of protocol namespaces (see &NAMESPACES;).</p>
|
<p>The ®ISTRAR; includes 'htpps://xmpp.org/extensions/isr/0' in its registry of protocol namespaces (see &NAMESPACES;).</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
@ -578,9 +454,14 @@
|
|||||||
|
|
||||||
<section1 topic='Acknowledgements' anchor='acknowledgements'>
|
<section1 topic='Acknowledgements' anchor='acknowledgements'>
|
||||||
|
|
||||||
<p>Thanks to Jonas Wielicki, Thijs Alkemade, Dave Cridland,
|
<p>Thanks to Jonas Wielicki, Thijs Alkemade, Dave Cridland, Maxime
|
||||||
Maxime Buquet and Alexander Würstlein for their feedback.</p>
|
Buquet, Alexander Würstlein and Sam Whited for their feedback.</p>
|
||||||
|
|
||||||
</section1>
|
</section1>
|
||||||
|
|
||||||
</xep>
|
</xep>
|
||||||
|
|
||||||
|
<!-- Local Variables: -->
|
||||||
|
<!-- fill-column: 100 -->
|
||||||
|
<!-- indent-tabs-mode: nil -->
|
||||||
|
<!-- End: -->
|
||||||
|
Loading…
Reference in New Issue
Block a user