mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-27 11:42:17 -05:00
112 lines
5.2 KiB
XML
112 lines
5.2 KiB
XML
<?xml version='1.0' encoding='UTF-8'?>
|
|
<!DOCTYPE xep SYSTEM 'xep.dtd' [
|
|
<!ENTITY % ents SYSTEM 'xep.ent'>
|
|
%ents;
|
|
]>
|
|
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
|
|
<xep>
|
|
<header>
|
|
<title>Pubsub Signing: OpenPGP Profile</title>
|
|
<abstract>Specifies a pubsub signing profile for OpenPGP</abstract>
|
|
&LEGALNOTICE;
|
|
<number>0476</number>
|
|
<status>Experimental</status>
|
|
<type>Standards Track</type>
|
|
<sig>Standards</sig>
|
|
<approver>Council</approver>
|
|
<dependencies>
|
|
<spec>XMPP Core</spec>
|
|
<spec>XEP-0001</spec>
|
|
<spec>XEP-0004</spec>
|
|
<spec>XEP-0060</spec>
|
|
<spec>XEP-0373</spec>
|
|
</dependencies>
|
|
<supersedes/>
|
|
<supersededby/>
|
|
<shortname>pss-ox</shortname>
|
|
<author>
|
|
<firstname>Jérôme</firstname>
|
|
<surname>Poisson</surname>
|
|
<email>goffi@goffi.org</email>
|
|
<jid>goffi@jabber.fr</jid>
|
|
</author>
|
|
<revision>
|
|
<version>0.1.0</version>
|
|
<date>2022-12-20</date>
|
|
<initials>XEP Editor (jsc)</initials>
|
|
<remark>Accepted by vote of Council on 2022-11-30.</remark>
|
|
</revision>
|
|
<revision>
|
|
<version>0.0.1</version>
|
|
<date>2022-10-29</date>
|
|
<initials>jp</initials>
|
|
<remark><p>First draft.</p></remark>
|
|
</revision>
|
|
</header>
|
|
<section1 topic='Introduction' anchor='intro'>
|
|
<p>This XMPP extension protocol specifies a profile of Pubsub Signing to use OpenPGP for signature.</p>
|
|
</section1>
|
|
<section1 topic='Signing a Pubsub Item With OpenPGP' anchor='signing'>
|
|
<p>Signing an item with OpenPGP requires to have &xep0373; implemented to handle keys, however this specification uses its own <sign/> element because it uses wrapper element from Pubsub Signing XEP, and signed data MUST NOT be included with the signature.</p>
|
|
<p>To sign an element, a client process as explained in XEP-0XXX <link url='https://xmpp.org/extensions/inbox/pubsub-signing.html#signing'>§ Signing a Pubsub Item</link> where the "signing profile" element used is a <sign/> element qualified by the 'urn:xmpp:pubsub-signing:openpgp:0' namespace. This element MUST contain a Base64 encoded (&rfc4648; <link url='https://tools.ietf.org/html/rfc4648#section-4'>§ 4</link>) OpenPGP message as specified in &rfc4880; which MUST contain a <strong>detached signature</strong> as defined in &rfc4880; <link url='https://www.rfc-editor.org/rfc/rfc4880#section-11.4'>§ 11.4</link> of the signed data as specified in XEP-0XXX <link url='https://xmpp.org/extensions/inbox/pubsub-signing.html#signing'>§ Signing a Pubsub Item</link>.</p>
|
|
|
|
<example caption="Juliet Publishes Her Signature as an Attachment With OpenPGP Signing Profile"><![CDATA[
|
|
<iq xmlns="jabber:client" from="juliet@capulet.lit/chamber" to="juliet@capulet.lit" id="signature_1" type="set">
|
|
<pubsub xmlns="http://jabber.org/protocol/pubsub">
|
|
<items node="urn:xmpp:pubsub-attachments:1/xmpp:juliet@capulet.lit?;node=urn%3Axmpp%3Amicroblog%3A0;item=random-thoughts-12bd">
|
|
<item id="juliet@capulet.lit">
|
|
<attachments xmlns="urn:xmpp:pubsub-attachments:1">
|
|
<signature xmlns="urn:xmpp:pubsub-signing:0">
|
|
<time stamp="2022-10-16T18:39:03Z"/>
|
|
<signer>juliet@capulet.lit</signer>
|
|
<sign xmlns="urn:xmpp:pubsub-signing:openpgp:0">iQGzBAABCAAdFiEEyTOMos/ZmE//ikYkAzNxB0kY9CIFAmNaomUACgkQAzNxB0kY9CJQcAv9HjIIrzIhtmWvf2IoHBUgY7hUFPZ3TKZ0Ltc6uz+CR4K1GHQB842/vjPSHwo5qfVgaVEUK3Liw8eXawOZ4SJeSZdmd1KUjjuZ+SLlB1SKKEoap3KFhidT9XYA2OU4tkWOwVI2cyBIWE3JRxD0YFh5YMJObZrOoyMiobwaMaGCHt60T71rl1wPb399l9aU6sYu2HHIRnM5pDgVljIMZe0n1LnY5pH5jzN67JgxlFAfl0Q4BO81pBycNnbk0VPb78Ki4001S7uoFftkN3j6euYf8KhtTH+Yaw1BdYzjO8o2Nw/9ledMrwO652Ud4hLGpmSpIJI1NTOjmy5crfhEHMA5ERYDbGbaB/IoaHxje+8occlI78xChoz7xCQlwVVyHARvuotEbYRimY78s2Ozae+uG/8wQZmeLnrvwCrzDiJbEkW4MbiOWUC1QcApNoW8lriLcb+ZfNGMeENSSMqMRfi3wL6WOovM2IR8O97/1DkGFiYAZ414CVZV2ZT+xxE64pMM</sign>
|
|
</signature>
|
|
</attachments>
|
|
</item>
|
|
</items>
|
|
</pubsub>
|
|
</iq>
|
|
]]></example>
|
|
</section1>
|
|
|
|
<section1 topic='Discovering Support' anchor='disco'>
|
|
<p>If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pubsub-signing:openpgp:0" discovery feature in response to a &xep0030; information request:</p>
|
|
|
|
<example caption="Service Discovery information request"><![CDATA[
|
|
<iq type='get'
|
|
from='juliet@example.org/chamber'
|
|
to='romeo@example.org/orchard'
|
|
id='disco1'>
|
|
<query xmlns='http://jabber.org/protocol/disco#info'/>
|
|
</iq>]]></example>
|
|
<example caption="Service Discovery information response"><![CDATA[
|
|
<iq type='result'
|
|
from='romeo@example.org/orchard'
|
|
to='juliet@example.org/chamber'
|
|
id='disco1'>
|
|
<query xmlns='http://jabber.org/protocol/disco#info'>
|
|
...
|
|
<feature var='urn:xmpp:pubsub-signing:openpgp:0'/>
|
|
...
|
|
</query>
|
|
</iq>]]></example>
|
|
</section1>
|
|
|
|
<section1 topic='Security Considerations' anchor='security'>
|
|
<p>Security considerations of &xep0373; and <link url='https://xmpp.org/extensions/inbox/pubsub-signing.html'>XEP-0XXX</link> apply.</p>
|
|
</section1>
|
|
|
|
<section1 topic='IANA Considerations' anchor='iana'>
|
|
<p>TODO</p>
|
|
</section1>
|
|
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
|
|
<p>TODO</p>
|
|
</section1>
|
|
<section1 topic='XML Schema' anchor='schema'>
|
|
<p>TODO</p>
|
|
</section1>
|
|
<section1 topic='Acknowledgements' anchor='acks'>
|
|
<p>Thanks to NLnet foundation/NGI0 Discovery for funding.</p>
|
|
</section1>
|
|
</xep>
|