|
|
Line 1: |
Line 1: |
| == Motivation == | | == Dates and Times == |
| So, lets finally do it and solve Stanza Encryption!
| |
|
| |
|
| We probably agree that FULL stanza encryption is not really a good idea, since there is always information that needs to be accessible to the server (processing hints, delay tags, recipient and sender addresses (duh).
| | Friday December 27th - Monday December 30th 2019 |
| So a better approach would be partial stanza encryption, which only encrypts parts of the stanza.
| |
| You can imagine this as kind of an envelope element in which sensible extension elements are added and which is afterwards encrypted and appended to the message.
| |
|
| |
|
| If we want to create a specification that follows this idea, we may want to take inspiration from XEP-0373: OpenPGP for XMPP, which uses exactly that mechanism.
| | == Contact == |
| So a first step to get started would be to find a way to move OX's OpenPGP Content Elements out of OX into a new XEP which generalizes this idea for arbitrary E2EE encryption methods.
| |
|
| |
|
| Also we need to specify a white-/blacklist which dictates which elements (don't) belong into the content element / message to prevent implementation mistakes.
| | Join us in the chatroom: xmpp:xmpp-sprint@chat.cluxia.eu?join |
|
| |
|
| Most importantly though we need experience in this field in order to get a better understanding of what pitfalls exist, so lets JUST DO IT!
| | Also accessible via https://chat.cluxia.eu/anon/#xmpp-sprint |
|
| |
|
| == Related Work == | | == Venue == |
|
| |
|
| === Similar Proposals ===
| | 36C3 @ Messe Leipzig |
| There are some protocols that do slightly different approaches to the same problem.
| |
|
| |
|
| * [https://xmpp.org/extensions/xep-0200.html XEP-0200: Stanza Encryption]
| | We have applied for an assembly. |
|
| |
|
| * [https://xmpp.org/extensions/xep-0246.html XEP-0246: End-to-End XML Streams]
| | Unlike regular XMPP Developer Sprints you need a ticket for this sprint as we are just hooking onto the 36C3. If you are a (somewhat active) member of the XMPP Community come talk to us in our sprint channel and we might have a voucher for you. (The voucher only gives you the right to '''buy''' a ticket before regular sale starts. |
|
| |
|
| === Encryption Protocols === | | == Accommodation == |
| [https://xmpp.org/extensions/xep-0373.html XEP-0373: OpenPGP for XMPP]
| |
| OpenPGP for XMPP (OX) comes with an enveloping mechanism.
| |
|
| |
|
| [https://xmpp.org/extensions/xep-0384.html XEP-0384: OMEMO Encryption]
| | Various around the city. Book early. Hotels sell out quickly during congress. |
|
| |
|
| [https://xmpp.org/extensions/xep-0364.html XEP-0364: Current Off-The-Record Messaging Use]
| | == Attendees == |
|
| |
|
| [https://xmpp.org/extensions/xep-0116.html XEP-0116: Encrypted Session Negotiation]
| | {| class="wikitable sortable" |
| | ! Name (optional) |
| | ! Nickname |
| | ! Sprint project(s) |
| | ! booked |
| | ! comments |
| | |- |
| | | Daniel Gultsch |
| | | iNPUTmice |
| | | |
| | | yes |
| | | |
| | |} |