From 649db638046b6e11d165c3901c16e46b0645fdf4 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Mon, 16 Apr 2018 08:27:17 +0200 Subject: [PATCH] Update "XEP-0373: OpenPGP for XMPP" to 0.3.0 --- xep-0373.xml | 163 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 119 insertions(+), 44 deletions(-) diff --git a/xep-0373.xml b/xep-0373.xml index 4521727f..49f5f76d 100644 --- a/xep-0373.xml +++ b/xep-0373.xml @@ -46,6 +46,14 @@ look@my.amazin.horse valodim@stratum0.org + + 0.3.0 + 2018-04-16 + fs + + Split public keys into metadata and data nodes. + + 0.2.1 2017-11-13 @@ -125,9 +133,11 @@
OpenPGP element
An XMPP extension element: &openpgp; qualified by the 'urn:xmpp:openpgp:0' namespace
OpenPGP content element
An element embedded via OpenPGP in a &openpgp; element. Either one of &signcrypt;, &sign; or &crypt;, qualified by the 'urn:xmpp:openpgp:0' namespace.
 -
PEP
Personal Eventing Protocol (XEP-0163)
 -
Public key PEP node
A PEP node containing an entity's public OpenPGP key.
 -
Secret key PEP node
A PEP node containing an entity's encrypted secret OpenPGP key.
 +
PEP
&xep0163;
 +
Public-Key metadata node ("metadata node")
A PEP node containing metadata of the entity's public OpenPGP key.
 +
Public-Key data node ("data node")
A PEP node containing an entity's public OpenPGP key.
 +
Secret-Key node
A PEP node containing an entity's encrypted secret OpenPGP key.
 +
OpenPGP v4 Fingerprint String
A String representing the OpenPGP v4 fingerprint of a key.
@@ -261,48 +271,90 @@ - +

Parties interested in exchanging encrypted data between each other via OpenPGP need to know the public key(s) of the recipients. The following section specifies a mechanism to announce and discover public keys.

- +

Two PEP node types are invovled: A "medatata node" is used to store meta information about + OpenPGP keys used by an entity while the actual public keys are stored in "data nodes".

-

In order to announce the public key, the client needs to store - it in a PEP node. The public key data, as specified in RFC - 4880, is stored within a <pubkey/> element which is a - child element of the <pubkeys/> element qualified by the - 'urn:xmpp:openpgp:0' namespace. Note that OpenPGP's ASCII Armor is - not used, instead the XMPP client MUST encode the public key using - Base64. Clients MAY only try to store the public key if the - Personal Eventing Protocol service supports persistent-items, thus - they possibly check if the service reports the - 'http://jabber.org/protocol/pubsub#persistent-items' feature.

+ - +

The public key data, as specified in RFC 4880, is stored in a PEP data + node. Note that OpenPGP's ASCII Armor is not used, instead the XMPP client MUST encode the + public key using Base64. The id of the node MUST be "urn:xmpp:openpgp:0:public-keys:" followed + by the fingerprint string of the OpenPGP public-key contained in the data node.

+ +

The OpenPGP v4 fingerprint string is obtained as follows: First the raw bytes of the + fingerprint are computed as specified in RFC 4880 § 12.2.. Then the bytes are + encoded as a hexadecimal string using upper case charactersThis matches the representation + used by GnuPG minus the SPACE separation..

+ +

The data node MUST contain an <pubkey/> element qualified by the 'urn:xmpp:openpgp:0' + namespace. An optional 'date' attribute holds the information about the last modification of the + key as DateTime format of XEP-0082. The element MUST include a <data/> + element which contains the data of the key Base64 encoded.

+ + - - - - - BASE64_OPENPGP_PUBLIC_KEY - - - - - + + + + + BASE64_OPENPGP_PUBLIC_KEY + + + + + ]]> - + -

In order to discover the public key of an XMPP entity, clients - send a PubSub &IQ; request to the entity's bare JID of which it - wants to know the public key.

+

To update the public keys used by an entity, the metadata node is updated. Before adding a + OpenPGP key ID to the metadata node, the publisher MUST ensure that the public key is available + at the corresponding data node.

+ +

The ID of the metadata node is 'urn:xmpp:openpgp:0:public-keys'. It contains a + <public-keys-list/> element qualified by the 'urn:xmpp:openpgp:0' namespace containing one + or more <pubkey-metadata/> elements. Every pubkey-metadata element MUST have a + 'v4-fingerprint' attribute, containing the OpenPGP v4 fingerprint string, and a 'date' + attribute, containing the time the key was published or updated in DateTime format of + XEP-0082. An OpenPGP V4 fingerprint MUST NOT occur in the list more than once.

+ + + + + + + + + + + + +]]> + + + + + +

In order to discover the OpenPGP public keys, the interested entity first queries a remote + entities metadata note to learn about its currently annouced OpenPGP keys. Then the public + OpenPGP key(s) can be retrieved by querying the data node for a specific fingerprint.

- ]]> + - + - - + + BASE64_OPENPGP_PUBLIC_KEY - - + + - ]]> +]]>

Note that the result may contain multiple pubkey elements. Only - the public keys found in the most recent MUST be used. Requesters + the public keys found in the most recent item MUST be used. Requesters may want to limit the results to the most recent item using the 'max_items' attribute set to '1'. Clients could alternatively use &xep0059; as an alternative to 'max_items' but accoding to @@ -347,10 +400,24 @@ + + +

Entities which are subscribed to the metadata node or advertise the + "urn:xmpp:openpgp:0:public-keys+notify" feature via &xep0115; (see XEP-0060 § 9.2) + receive a notification upon a node update.

+ + + + +

A private PEP node is used to allow XMPP clients to synchronize the user's secret OpenPGP key. Where private PEP node is defined: A PEP node in whitelist mode where only the bare JID of the key @@ -572,14 +639,22 @@ -

The PubSub nodes specified by herein SHOULD be configured to either never send the latest - item, or to send the latest item only when a new entity subscribed. Thus the nodes - 'send_last_published_item' configuration option SHOULD be set to either 'never' or 'on_sub' (see - XEP-0060 The Public-Key metadata node and the Secret-Key node SHOULD be configured to either + never send the latest item, or to send the latest item only when a new entity subscribed. Thus + the nodes 'send_last_published_item' configuration option SHOULD be set to either 'never' or + 'on_sub' (see XEP-0060 § 16.4.4).

+ + +

Whenever an entity becomes aware that the metadata node has changed (e.g., by receiving a PEP + update from their own account), it SHOULD check that the list contains the key they use. If the + key has been removed, the entity SHOULD reannounce it.

+ + + @@ -793,7 +868,7 @@

Thanks to Emmanuel Gil Peyrot, Sergei Golovan, Marc Laporte, Georg - Lukas, Adithya Abraham Philip and Brian Cully for their feedback.

+ Lukas, Adithya Abraham Philip, Brian Cully and fiaxh for their feedback.

The first draft of this specification was worked out and written on the wall of the 'Kymera' room in one of Google's buildings by the