XSF Discussion - 2014-03-04


  1. Ash has left
  2. Ash has joined
  3. Ash has left
  4. Ash has joined
  5. Ash has left
  6. Lance has joined
  7. Santiago26 has left
  8. Santiago26 has joined
  9. Santiago26 has left
  10. Lance has joined
  11. Zash has left
  12. Lance has left
  13. Tobias has left
  14. Lance has joined
  15. Kev has left
  16. Alex has joined
  17. Santiago26 has joined
  18. Santiago26 has left
  19. Santiago26 has joined
  20. jabberjocke has left
  21. jabberjocke has joined
  22. Santiago26 has left
  23. Tobias has left
  24. intosi Ralph: I'm on that list.
  25. jabberjocke has left
  26. Zash has joined
  27. emcho has joined
  28. emcho has left
  29. Santiago26 has joined
  30. jabberjocke has joined
  31. xnyhps has left
  32. emcho has joined
  33. jabberjocke has left
  34. emcho has left
  35. Ash has joined
  36. xnyhps has left
  37. Lloyd has joined
  38. Zash has left
  39. Santiago26 has left
  40. Ash has left
  41. Ash has joined
  42. emcho has joined
  43. Lloyd This just came up, thought it might be of interest https://secure-resumption.com/
  44. xnyhps Lloyd: That was also mentioned here yesterday. My expectation is that nothing on XMPP is vulnerable as nothing uses TLS resumption.
  45. Lloyd xnyhps, ahh missed that apologies. Good to hear about the lack of vulnerability though
  46. xnyhps (Though I don't have much concrete evidence for that…)
  47. stpeter has joined
  48. Ash has left
  49. emcho has left
  50. emcho has joined
  51. Kev has joined
  52. Kev As far as I can tell from the description, this doesn't require the client to not check server certs.
  53. Kev dwd: Are you sure this is the case?
  54. Kev Or, at least, it doesn't require as sever as 'verify nothing', I think.
  55. Zash has joined
  56. xnyhps Kev: The image shows the Attacker replaces the cert with its own cert.
  57. Kev I could easily have misread this. But it seemed to me to be saying that the attacker's website wasn't claiming to be the victim's website.
  58. jabberjocke has joined
  59. Kev I need to work out how I'm going to grab lunch, if I'm going to be travelling across London at lunchtime.
  60. Kev Need to leave the hotel at 11 to get to the Hilton for 12:30, if TFL is to be believed.
  61. Ash has joined
  62. xnyhps I stand corrected, jabber.org lets you do TLS resumption.Hm.
  63. Kev Although not client strong-auth.
  64. dwd Kev, I think that the Attacker would have to pretend to be some site for which the credentials matched, at least.
  65. xnyhps Attacker has attacker.com, user visits that and it obtains the client-cert from the user and presents it to goodserver.com?
  66. Kev Maybe I should understand the attack, instead of just reading the decription.
  67. Kev +s
  68. Kev I read it as the attacker presenting their own identity.
  69. Kev And then swapping out to a MITMd session to the victim.
  70. xnyhps Yeah, I think you're right.
  71. xnyhps But of course, when you try to attack the channel-binding part of SCRAM-SHA-1-PLUS, you do need valid credentials of the server.
  72. xnyhps Or the client must have used an identical nodepart and password on your server as on the malicious server.
  73. xnyhps But if you have that, there's nothing you can win by an attack, you have the password. :)
  74. ralphm hah
  75. Kev I guess I need to start thinking about heading into town.
  76. Kev Right. See folks at precis, I guess.
  77. Kev has left
  78. jabberjocke has left
  79. Zash has joined
  80. dwd Ah, Kitten have just started discussing the TLS MITM stuff.
  81. Zash Kitten is now?
  82. dwd Looks like the consensus might be that resumption is a no-no.
  83. dwd This is on the list.
  84. Zash ah
  85. dwd Kitten is Thursday, 1520-1650.
  86. Zash has left
  87. xnyhps has left
  88. stpeter has left
  89. Lance has joined
  90. Santiago26 has joined
  91. Lloyd has left
  92. Ash has left
  93. Ash has joined
  94. emcho has left
  95. emcho has joined
  96. emcho has left
  97. Santiago26 has left
  98. Santiago26 has joined
  99. intosi has left
  100. emcho has joined
  101. emcho has left
  102. emcho has joined
  103. Kev has joined
  104. Kev And that's my first hallway bump-into-someone.
  105. Kev Who else is here? :)
  106. emcho has left
  107. Santiago26 has left
  108. Santiago26 has joined
  109. dwd I'm just about to hop into the car. I should make the IETF hallway for about 6pm or so if I'm lucky; if not I'll see you at the meetup.
  110. stpeter has joined
  111. Kev It's entirely possible I won't be here by 6pm, but we'll see. I'm intending crowd-following once precis/xmpp are done.
  112. Kev I have my pretty noob-ribbon on :)
  113. dwd If I'd gone properly, I would have qualified for a noob ribbon, plus a WG Chair dot, which I'd have found amusing.
  114. Santiago26 has left
  115. stpeter dwd: I don't think you would have been the first
  116. stpeter although it is rare
  117. stpeter for what WG are you a chair?
  118. dwd qresync, now in shutdown-wait.
  119. Kev I guess I should try to find precis.
  120. Kev Follow the yelllow arrows?
  121. stpeter I need to find that, too, but I'm still in another meeting
  122. stpeter ah, it's downstairs
  123. stpeter 3 floors down in the east wing, right off the lobby
  124. stpeter this hotel has a strange layout
  125. Kev It's a labyrinth.
  126. Kev Going hunting, BRB.
  127. Kev has left
  128. dwd has left
  129. stpeter has left
  130. Santiago26 has joined
  131. Zash has joined
  132. stpeter has joined
  133. Kev has joined
  134. Santiago26 has left
  135. Alex has left
  136. Alex has joined
  137. Lance has joined
  138. emcho has joined
  139. emcho has left
  140. emcho has joined
  141. Ash has left
  142. Lance has joined
  143. Zash Kev: Did you see the video?
  144. Santiago26 has left
  145. Kev I haven't watched it yet.
  146. Kev I saw that there was one.
  147. xnyhps has left
  148. Kev has left
  149. Zash has left
  150. Ash has joined
  151. Kev has joined
  152. Santiago26 has left
  153. Santiago26 has joined
  154. Zash has joined
  155. SM has joined
  156. emcho has left
  157. xnyhps has left
  158. Santiago26 has left
  159. Santiago26 has joined
  160. emcho has joined
  161. emcho has left
  162. emcho has joined
  163. emcho has left
  164. emcho has joined
  165. Lance has joined
  166. emcho has left
  167. Lance has joined
  168. emcho has joined
  169. emcho has left
  170. emcho has joined
  171. Santiago26 has left
  172. Zash has joined
  173. xnyhps has left
  174. fippo hah, another two tls vulnerabilities. I think the tlswg will have fun
  175. fippo even though those were library issues
  176. ralphm Zash: was my suggestion clear?
  177. Zash has left
  178. Zash has joined
  179. Kev So, I'm currently sat in the TLS WG session, along with assorted other XMPP people, but I note that this goes on until 6:40. ISTR Lloyd suggesting that we should be at Moz at 6:30.
  180. Zash Hmm
  181. xnyhps I thought 7?
  182. ralphm Kev: ubber can't do time travel. Disappointing
  183. Kev Upon arrival Surevine will have pizza and beer waiting (around 6:30pm). The latest schedule is posted up on http://lanyrd.com/2014/xmppuk/.
  184. xnyhps Oh, meetup had 7.
  185. Tobias has joined
  186. stpeter do we need to sign up for Uber in order to catch a ride
  187. xnyhps I think you need to give them your credit card number.
  188. Kev I would be inclined to just grab the tube, personally, but I have an Oyster card.
  189. Zash I wanna see the series of tubes :)
  190. stpeter http://wiki.xmpp.org/web/IETF_89 says "We're planning on holding the XMPP meetup at MozSpace at 101 St. Martin's Lane, starting at 7pm."
  191. stpeter I'd be happy with the tube
  192. Zash ralphm: Your suggestion was?
  193. xnyhps I was planning to take the tube, too.
  194. Kev It's 20mins by tube, along Bakerloo, I believe.
  195. Kev https://www.google.com/maps/dir/Hilton+London+Metropole,+225+Edgware+Rd,+London+W2+1JU,+UK/51%C2%B030'37.4%22N+0%C2%B007'37.4%22W/@51.5201367,-0.1530664,13z/data=!4m12!4m11!1m5!1m1!1s0x48761ab4122b2d83:0xfdfeed0b864cbfb0!2m2!1d-0.1694932!2d51.5191439!1m3!2m2!1d-0.1270556!2d51.5103889!3e3 What a lovely URI.
  196. ralphm Zash: webrtc data channels
  197. Zash ralphm: Because that's likely to be implemented by clients anyways?
  198. stpeter ralphm: XTLS (Dirk Meyer's work) could offer a webrtc data channel as one of the transport options
  199. ralphm Zash: yes, that's my thinking
  200. Zash stpeter: Which is why it sounded like XTLS to me
  201. stpeter nods to Zash
  202. ralphm stpeter: yes, but I want to do away with IBB entirely
  203. Zash ralphm: Does XTLS say you have to use IBB?
  204. stpeter ralphm: so XTLS but MUST NOT offer IBB?
  205. Zash I don't see the need, really. Jingle lets you negotiate transport.
  206. Zash But what are the security bits you want to solve?
  207. ralphm Zash: well, sure, but my personal opinion is that IBB is horrible and don't want to have people need to implement it
  208. stpeter webrtc data channels seem convenient, for sure
  209. ralphm Zash: I think having out-of-band XML Streams for e2e are easier to implement
  210. Ge0rG I like IBB because it allows to leverage a trusted server for end-to-end file exchange
  211. ralphm Ge0rG: I don't see how that is better than negotiating an out-of-band connection with the server, over Jingle.
  212. Ge0rG besides, aren't XTLS and WebRTC data channels solving the same problem?
  213. stpeter Ge0rG: no
  214. stpeter Ge0rG: XTLS is end-to-end encryption - data channels would be one end-to-end transport over which we could negotiate end-to-end TLS
  215. Zash ralphm: Having IBB be MTI for E2E does indeed seem problematic. I think someone mentioned that you'd basically have to open a loopback connection to yourself, tunnel it over IBB and then starttls on that
  216. Zash Unless there are better tls libs that I've not seen
  217. Ash has left
  218. Ge0rG stpeter: but webrtc has dtls for end-to-end encryption, righT?
  219. ralphm stpeter: I'm not suggesting using any of webrtc per se, just the same p2p transport for the actual bits, with sctp/rtp/dtls and all that, as you would negotiate webrtc data channels
  220. fippo stpeter: we do negotiate end-to-end (d)tls with webrtc data channels. but the exchange of fingerprints is not protected.
  221. xnyhps Zash: Wat? Aren't most TLS libraries separated from network libraries?
  222. Zash xnyhps: Not really looked further than LuaSec
  223. stpeter ralphm: ah, thanks for the clarification
  224. ralphm XTLS says:
  225. ralphm More complex scenarios are theoretically supported (e.g., encrypted file transfer using SOCKS5 bytestreams and encrypted voice chat using DTLS-SRTP) but have not yet been fully defined. XTLS theoretically can be used to establish a TLS-encrypted streaming transport or a DTLS-encrypted datagram transport, but integration with DTLS [DTLS] has not yet been prototyped so use with streaming transports is the more stable scenario.
  226. ralphm So I'm saying we go the next step and actually prototype that thing mentioned, with the same tech as used for webrtc data channels.
  227. ralphm I think this makes people's live slightly better and allows us to piggyback on that work.
  228. Ge0rG how is dtls security handled in webrtc?
  229. Zash Ge0rG: AFAIK, you send a fingerprint through the SDP blob via your whatever server.
  230. fippo ge0rg: http://tools.ietf.org/html/rfc4572#section-6
  231. ralphm http://tools.ietf.org/html/rfc5764 has a bunch of text on that, too
  232. Ge0rG so how is that solving a different problem from xtls?
  233. ralphm Zash: I don't think it depends on SDP per se, but we might have to do a jingle equivalent.
  234. ralphm Ge0rG: it solves the same problems, but without IBB and with a protocol that people will implement in other places (WebRTC)
  235. ralphm like, say, browsers
  236. stpeter BTW, XTLS = http://tools.ietf.org/id/draft-meyer-xmpp-e2e-encryption-02.txt
  237. ralphm in fact, my feeling is that we should just take the IBB guts out of draft-meyer-xmpp-e2e-encryption and replace it with dtls-rtp
  238. ralphm stpeter: ah, thanks for that link, of course
  239. stpeter ralphm: I've always rather liked the general approach of XTLS
  240. Zash stpeter, +1
  241. stpeter it would be fairly straightforward for us to take draft-meyer-xmpp-e2e-encryption-02, change it around, and submit a revised I-D
  242. stpeter call it draft-meijer-* instead of draft-meyer-* ;-)
  243. Zash has left
  244. Zash has joined
  245. ralphm stpeter: no confusion there, I'm sure
  246. intosi has joined
  247. stpeter heh
  248. Zash But, do we want something that'll work with Carbons?
  249. fippo ralphm: xep 0320 is the jingle equivalent of that. even though it was actually pretty much limited to being an sdp mapping
  250. fippo ralphm: i'd like to see what ekr has in mind wrt webrtc + identity providers before going further in any direction
  251. ralphm fippo: right
  252. intosi has left
  253. Kev Zash: I want something that works with carbons and with MAM.
  254. ralphm stpeter: I do want to retain the generic nature of that draft, but without any suggestion of doing ibb
  255. m&m has joined
  256. Kev So anything that goes out of band has some unfortunate properties there.
  257. emcho has left
  258. intosi has joined
  259. stpeter +1 to Kev on Carbons and MAM
  260. stpeter so many requirements :-)
  261. ralphm Kev: and how does draft-miller address this?
  262. Kev That's what I'm trying to work out right now (reading it at the moment), before chatting with Matt tonight.
  263. stpeter http://tools.ietf.org/id/draft-ietf-xmpp-e2e-requirements-01.txt needs to be revisited
  264. ralphm Kev: my feeling is that it doesn't, but I might be missing something
  265. m&m carbons is supported, but possibly not MAM
  266. intosi Hello, Nelsons Column.
  267. m&m is taking notes for tls wg
  268. stpeter notes that WG notes really only need to be action items and I haven't heard many of those here
  269. m&m but note that supporting offline makes it hard (maybe impossible) to also support PFS
  270. Zash xnyhps, Kev, when do we need to leave?
  271. m&m immediately after tls-wg ends (-:
  272. Kev Depends if we want to get there for 18:30 or 19:00.
  273. intosi At what time can I invade Moz Space?
  274. stpeter the offline case makes life so much more complicated
  275. Kev If we want to get there at 18:30, when I think it 'opens' (@Edwin), we should leave here at 18:00, give or take.
  276. m&m you probably want to leave here @ 18:00 to be there by 18:30
  277. Zash My GMT+1 clock makes this very confusing.
  278. Kev Above times are Zulu.
  279. ralphm m&m: indeed. e2e might be conceptually incompatible with mam
  280. xnyhps Zash: If we want to be there on time, we need to leave 54 minutes from now.
  281. ralphm carbons is doable with oob, too
  282. Kev ralphm: I don't believe that to be true. It simply changes the tradeoffs.
  283. ralphm Kev: I think we agree
  284. m&m I think the difference is whether carbons is managed by the server, or managed by the client
  285. Kev In the simple case, anything gpg-based can be compatible with carbons and MAM, given ubiquitous private keys.
  286. Kev (Not that I'm pushing we use gpg as our approach)
  287. stpeter so much is possible, given ubiquitous private keys :-)
  288. m&m just not PFS d-:
  289. Kev Right.
  290. Zash To FS or not to FS.
  291. stpeter there is no P
  292. Tobias maybe we don't need the P :)
  293. stpeter heh
  294. Lance has joined
  295. stpeter "perfection is not an option"
  296. m&m Pretty-good Forward Secrecy (PgFS) d-:
  297. intosi Perfection is the opposite of delivered.
  298. Zash m&m, :D
  299. m&m Permissible Forward Secrecy
  300. xnyhps Pretty Good Forward Secrecy?
  301. intosi Poorly Guarded Privacy.
  302. Zash Hah
  303. m&m heh
  304. ralphm m&m: sure with xtls you'd need clients to figure out the multiplex
  305. Zash Yeah
  306. Zash You could also do MAM between your own resources
  307. intosi has left
  308. Kev Over 174"
  309. Ash has joined
  310. Kev Because moving all of XMPP to the client is our favourite direction.
  311. Zash Let's build Skype with angle brackets!
  312. Zash We just need a single master authentication server
  313. intosi has joined
  314. fippo zash: let's use gmail.com
  315. m&m hotmail.com
  316. Zash facebook.com!
  317. m&m IM is over-rated, we should go back to email!!
  318. m&m and use more ASN.1
  319. SM m&m, you do use email :-)
  320. m&m far too much
  321. stpeter :)
  322. fippo m&m: let's make ma bell proud by putting more intelligence into the network again!
  323. SM You folks will be getting veggie pizzas if you go on
  324. Zash MattJ will be pleased
  325. m&m XMPP over DTMF
  326. intosi One combination is a nibble, not sure what data rate you can achieve.
  327. Kev Pizza has bread in it, it can't be veggie.
  328. intosi Symbol rate, I mean.
  329. SM Kev, I thought that you were in for getting everyone to try that.
  330. Kev SM: There is a long-running gag with letting MattJ know that various foods (like bread) are meats.
  331. SM Oh:)
  332. m&m haha
  333. Zash Those poor Bread animals.
  334. intosi And veggies are meat anyway, the poor greens just don't know it yet.
  335. Zash Carrots are people too!
  336. intosi That's Captain Carrot for you.
  337. Ash has left
  338. Santiago26 has joined
  339. emcho has joined
  340. emcho has left
  341. emcho has joined
  342. intosi has left
  343. emcho has left
  344. emcho has joined
  345. SM has left
  346. xnyhps has left
  347. emcho has left
  348. emcho has joined
  349. emcho has left
  350. Kev So, yes. We should aim to leave in about 15mins if we want to get to Moz for 18:30Z.
  351. Santiago26 has left
  352. Santiago26 has joined
  353. Kev Is anyone intending leaving the session 40mins early to get to Moz, or is everyone staying to the bitter end?
  354. stpeter unfortunately m&m needs to stick around because he's taking notes
  355. stpeter I'd be game to leave, but I don't want to abandon Matt
  356. Zash We do have a backup Matt tho ;)
  357. m&m ouch
  358. stpeter heh
  359. emcho has joined
  360. Kev I don't really want to abandon anyone, but at the same time I'd like to get over to Moz and start bashing MattJ over the head to update MAM :)
  361. Santiago26 has left
  362. Kev So I'm inclined to leave now and apologise to m&m later :)
  363. Zash I'm hungry.
  364. Santiago26 has joined
  365. Kev Zash: So you're leaving?
  366. Zash I'm follwing MattJ
  367. Kev Matt is following you.
  368. Kev You're both useless.
  369. Zash xnyhps: Decide who's leading please.
  370. Kev I'm going to head to Moz now. Others can leave or not.
  371. Kev has left
  372. Zash But then either MattJ or I have to get up...
  373. Zash has left
  374. stpeter I hope m&m and I can figure out how to get to MozSpace :-)
  375. intosi Just follow the scent of Pizza.
  376. intosi And remember the address, that usually helps, too ;)
  377. m&m I've got a map cached on my phone (-:
  378. intosi Should do the trick.
  379. intosi Are you using Ubbers?
  380. m&m no, Underground
  381. stpeter https://wiki.mozilla.org/London might help
  382. intosi When lost, just go to Trafalgar Square and look at one of the maps there.
  383. intosi The square is big and kinda hard to miss ;)
  384. Tobias has joined
  385. intosi has left
  386. emcho has left
  387. Ash has joined
  388. stpeter has left
  389. Ash has left
  390. m&m has left
  391. Neustradamus has left
  392. Kev has joined
  393. Tobias has left
  394. Kev has left
  395. Kev has joined
  396. Kev has left
  397. Santiago26 has left
  398. Santiago26 has joined
  399. Zash has joined
  400. Santiago26 has left
  401. Santiago26 has joined
  402. Maranda has joined
  403. Zash has joined
  404. Maranda has left
  405. Maranda has joined
  406. Santiago26 has left
  407. Santiago26 has joined
  408. Tobias has joined
  409. Lance has joined
  410. Lance has joined
  411. Laura has joined
  412. Lance has joined
  413. Laura has left
  414. Alex has left
  415. intosi has left
  416. Tobias has joined
  417. Tobias has joined
  418. Kev has left
  419. Santiago26 has left
  420. Lance has joined
  421. Lance has joined
  422. Lance has joined
  423. Kev has joined
  424. Neustradamus I have a problem with http://planet.jabber.org/ same for you?
  425. intosi has joined
  426. ralphm has joined
  427. ralphm has joined
  428. Tobias has left