This page should be used to discuss the XEPs and the implementation of [https://xmpp.org/extensions/xep-0373.html XEP-0373: OpenPGP for XMPP]. If you think there are some things which are wrong, feel free to contact me.
= Fundamentals =
There are different people with different background knowledge about OpenPGP / GnuPG. XMPP OX should be able to integrate into clients which hide the technical details of OpenPGP from the user. But XMPP OX should also be usable for technical people who may have an OpenPGP smartcard or a token.

At the end of the day, the clients should be able to share information and messages.
== OpenPGP via GnuPG ==
There are two use cases for creating the key material.

Users with a technical background may already have their own key or prefer to generate their own key via GnuPG. This is '''not''' a question of trusting the gnupg application versus trusting the XMPP client application; it is more a habit of the user.
=== Generating key ===
Basically both use cases are fine, and the best way is to let the user decide which one they would like to use. Generating a key via gpg can be done by
<pre>
gpg --full-gen-key
</pre>
Generating the key within the XMPP client is up to the developer. It is recommended to have such an option, to make the onboarding for non-technical people easier.
=== UID ===
There may be people who prefer one key pair for e-mail and one dedicated key pair for XMPP. There may also be people (independent of this knowledge) who prefer to have one key pair for all "services". In most cases, at least those I know of, this is done via the OpenPGP UID.

The user should be able to manage his key pair. Also, the XMPP client should be able to assist, by adding a UID.

A key can look like this:
<pre>
pub rsa2048 2020-05-01 [SCEA]
6D740FE2B1D55DCD74CAAD95AC1A1629095EEDAE
uid [ unbekannt ] xmpp:alice@domain.tld
</pre>
or like this:
<pre>
pub rsa4096 2019-05-14 [SC] [verfällt: 2021-05-13]
A602F76893F138B4A8EFDDD5C2DC916F35751C24
uid [ ultimativ ] Name <mailbox@domain.tld>
uid [ ultimativ ] Name (FSFE) <mailbox@domain1.tld>
uid [ ultimativ ] Name (devLUG) <mailbox@domain2.tld>
uid [ ultimativ ] xmpp:user@domain.tld
uid [ ultimativ ] xmpp:xmpp:alice@domain.tld
sub rsa4096 2019-05-14 [E] [verfällt: 2021-05-13]
sub rsa4096 2019-05-14 [A] [verfällt: 2021-05-13]
</pre>
=== Export a public key ===
Sharing the public key is also a question of privacy. If the user has only one key pair, which is used by XMPP only, there may not be many problems sharing that key via XMPP PEP. If a user has a key with more UIDs and is using the WoT, the user may prefer to choose which information should or shouldn't be included in the published public key.

By default, the public key will include the names, e-mail addresses and XMPP addresses of all OpenPGP UIDs in the key. The public key also includes the signatures. If the user prefers to publish his public key with minimal information, he can do so by
<pre>
gpg --export --export-options export-minimal --export-filter 'keep-uid=uid =~ xmpp:local@domain.tld' MY_FINGERPRINT > /tmp/test.gpg
</pre>
In this case, just the UID with the XMPP address will be exported, and no signatures.
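The following script is an added example (it is not part of this page, of GnuPG, or of XEP-0373). It parses the two <code>gpg --list-keys</code> listings shown in the UID section above and emulates the <code>keep-uid=uid =~ NEEDLE</code> export filter from the export command, so a user can preview which UIDs would end up in the key published to PEP before actually exporting it. The listing text is taken from this page; the parser, the strict XMPP UID pattern, and the assumption that gpg's <code>=~</code> substring match is case-insensitive are the example's own.

```python
"""Preview of what a filtered `gpg --export` would publish.

Added example for this page (not GnuPG code and not part of XEP-0373): it
parses the `gpg --list-keys` text shown above and emulates the
`keep-uid=uid =~ NEEDLE` export filter so a user can see which UIDs would
end up in the key pushed to PEP, before actually exporting.
"""
import re
from dataclasses import dataclass, field

# Constructed sample: the two listings shown on this page, copied as printed
# (gpg ran with a German locale: "unbekannt" = unknown, "ultimativ" = ultimate,
# "verfällt" = expires).
LISTING = """\
pub rsa2048 2020-05-01 [SCEA]
6D740FE2B1D55DCD74CAAD95AC1A1629095EEDAE
uid [ unbekannt ] xmpp:alice@domain.tld

pub rsa4096 2019-05-14 [SC] [verfällt: 2021-05-13]
A602F76893F138B4A8EFDDD5C2DC916F35751C24
uid [ ultimativ ] Name <mailbox@domain.tld>
uid [ ultimativ ] Name (FSFE) <mailbox@domain1.tld>
uid [ ultimativ ] Name (devLUG) <mailbox@domain2.tld>
uid [ ultimativ ] xmpp:user@domain.tld
uid [ ultimativ ] xmpp:xmpp:alice@domain.tld
sub rsa4096 2019-05-14 [E] [verfällt: 2021-05-13]
sub rsa4096 2019-05-14 [A] [verfällt: 2021-05-13]
"""

UID_RE = re.compile(r"^uid\s+\[\s*(?P<validity>[^\]]*?)\s*\]\s*(?P<uid>.+?)\s*$")
FPR_RE = re.compile(r"^[0-9A-Fa-f]{40}$")
# Strict form of an XMPP user ID for OX: the literal "xmpp:" scheme followed by
# one bare JID (exactly one "@", no resource, no second scheme prefix).  This
# pattern is an assumption of the example, not something gpg enforces.
XMPP_UID_RE = re.compile(r"^xmpp:[^@:/\s]+@[^@:/\s]+$")


@dataclass
class Key:
    fingerprint: str = ""
    uids: list = field(default_factory=list)  # (validity, uid) in listing order


def parse_listing(text):
    """Split `gpg --list-keys` output into keys with their fingerprint and UIDs."""
    keys, current = [], None
    for raw in text.splitlines():
        line = raw.strip()  # real gpg output indents the fingerprint and uid lines
        if line.startswith("pub "):
            current = Key()
            keys.append(current)
        elif current is None:
            continue  # header lines before the first key (keyring path etc.)
        elif FPR_RE.match(line):
            current.fingerprint = line.upper()
        else:
            m = UID_RE.match(line)
            if m:
                current.uids.append((m["validity"], m["uid"]))
            # "sub" lines carry no user IDs, so there is nothing to record
    return keys


def keep_uid_substring(key, needle):
    """Emulate `--export-filter 'keep-uid=uid =~ NEEDLE'`.

    gpg's `=~` is a substring match on the UID string; this example assumes
    the comparison is case-insensitive (check the --export-filter section of
    gpg(1) for the version you deploy)."""
    return [uid for _, uid in key.uids if needle.lower() in uid.lower()]


def well_formed_xmpp_uids(key):
    """UIDs that are exactly one XMPP address, the form an OX client should publish."""
    return [uid for _, uid in key.uids if XMPP_UID_RE.match(uid)]


def preview(key, needle):
    """What the filter keeps, and which of those an OX client should still question."""
    kept = keep_uid_substring(key, needle)
    suspicious = [uid for uid in kept if not XMPP_UID_RE.match(uid)]
    return {"fingerprint": key.fingerprint, "kept": kept, "suspicious": suspicious}


if __name__ == "__main__":
    for key in parse_listing(LISTING):
        print(preview(key, "xmpp:"))
        print(preview(key, "xmpp:alice@domain.tld"))
```

Two things the preview makes visible. First, because <code>=~</code> is a substring match and not an equality test, the needle <code>xmpp:alice@domain.tld</code> also keeps the doubled <code>xmpp:xmpp:alice@domain.tld</code> UID of the second key, so a client that builds the filter from the user's JID should still check the surviving UIDs against the strict form before publishing. Second, <code>export-minimal</code> drops third-party signatures but keeps the most recent self-signature on each remaining UID; without it the exported key would not validate at all.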
=== Trust-model ===
The user should decide which trust model they prefer.

Users who just want to use it and do not care much about trust and fingerprints should probably use trust-model TOFU (Trust On First Use). See the options trust-model and tofu-default-policy in .gnupg/gpg.conf.

Users who prefer trust-model pgp should be able to use the WoT (the default in gnupg).

I think the WoT is '''not''' nonsense. There may be an issue that not all clients support a friendly way to sign keys and publish them.
= Discussions =