XSF Discussion - 2023-04-05

singpolyma: next newsletter!

We've previously discussed that with Dialback authentication, having an encrypted connection is preferable over having a non-encrypted connection. This can make it allowable to continue with TLS-for-encryption in circumstances where a connection would typically be closed as a result of a failed TLS negotiation. I'm still struggling to identify what's reasonable here. Is it reasonable to continue using Dialback for authentication when, for example, - the receiving entity has an expired certificate? - the initiating entity has an expired certificate? - the initiating entity has a certificate that identifies the wrong domain? Isn't this effectively a downgrade attack vector?

I think the answer is that it's acceptable 'by configuration'.

Guus, what that effectively does is that it raises the bar for a successful attack on the stream from passive to active

"Local Policy"

(compared to "allow unencrypted connections")

Kev/Zash: I was very much dreading that (very valid) argument. :)

so yeah, if you need that, make it configurable, but don't enable it by default.

Prosody has its certificate auth as a separate thing that doesn't really have protocol, it's just an event or point where it checks the cert and if agreees with configuration it proceeds with Something, which could be SASL EXTERNAL or Dialback

where you write 'certificate auth' you mean 'certificate verification' (and explicitly not 'authentication')?

There's a "check the cert" event. It checks the cert. Depending on policy, connection direction and protocol, that result is used ... somehow.

E.g. if valid certs are required, but only Dialback is available, it'll go ahead with Dialback IFF the cert validates.

As was the case with jabber.org until recently, for mysterious reasons.

I've just mapped out the possible combinations of two Openfire servers with its basic S2S configuration ("require/desire/disable TLS", "ignore cert date expiry", enable/disable Dialback, etc), and I'm coming up with close to 200,000 combinations options - and that's without introducing the 'local policies' that would allow for dialback to be used if TLS fails, as discussing now/here. :S

Disable TLS? In this day and age? GLHF

then don't allow dialback when TLS fails :-)

> Disable TLS? In this day and age? GLHF There are other networks than the Internet.

There may be reasons why you want to disable TLS, e.g. over certain connections where crypto is a feature of your underlying connection.

Not the point. Even if I removed the option to disable TLS, the permutations are still considerable.

tls {disabled, allowed, required} × valid certificates {required, not required} => 6 ?

6 × {SASL EXTERNAL, not} × {Dialback, not} ≃ 24?

Deprecate dialback. Require connections are secure by default, and add extension points to override the definition of "secure".

For those deployments where you may have other forms of non-TLS security, for example

Put XEP-0288 on the compliance suite to deal with the poor unidirectional failure mode of SASL EXTERNAL

Dialback the protocol vs Dialback the ~auth~ verification method?

s/deal with/half patch over/ ✏

Dialback the protocol is ugly but you can skip the actual dialing back and just short-circuit if certificates check out

except for the secuirty bug when I did that 🙁

And with that dialback-without-dialback shortcut, you're back to potential unidirectional half-broken connectivty ✏

The problem with deprecating dialback is we don't really have a replacement yet, do we?

DANE but no server really supports that yet

mTLS?

singpolyma, whether we have a replacement depends on how you define the requirements. Snikket is doing fine with no dialback.

MattJ: by just requiring CA valid EXTERNAL?

Yes

Right. But one doesn't use dialback in that case normally (does any server even allow you to?) so I wouldn't call it a replacement

In what case does one use dialback, then? When the attacker is unable to obtain a valid certificate? :)

When the other server isn't using a cert from a CA that you're aware of and/or when you don't want to put the security of your server in the hands of random CAs

wouldn't you rather use DANE there?

jonas’: yes, Dane would be a great replacement

so let's just do that?

> 13:22:48 singpolyma> DANE but no server really supports that yet

My main dislike of dialback isn't even the security (which is very similar to the challenge-based stuff Let's Encrypt is built on), it's the complexity of it

DANE on the internet and same-cert over Tor, what else is needed?

Zash's math made me look twice at mine. Based on his feedback, I've reduces the amount of server configuration permutations to 18 (which is in line with what Zash had). Still if the other end has as many, that racks up to 324 different combinations. Some permutations do not make a lot of sense (disallowing TLS but having a certificate, for example), but still, things add up quickly, especially if I start adding more configuration options (eg: 'allow expired certs').

I'm also starting to lean towards the "if you want TLS for encryption but are happy to have Dialback auth, then you should use an anonymous cypher". That way, the implementation isn't explicitly told to ignore a failing TLS mechanism.

📢 Update from iteam: we have been donated a replacement server by USSHC, and Kev has restored the latest daily backups we had from the old server onto the new one. There are still a few tasks to complete to get the server fully operational again, but we're getting there!

That's very generous of USSHC. I'm guessing that the old server now has actual value due to its rarity? :)

As a coffee table, perhaps

> When the other server isn't using a cert from a CA that you're aware of and/or when you don't want to put the security of your server in the hands of random CAs There's only one now tho ;)

Morgen

Moin!

Hi Arc!

Board Meeting: https://meet.jit.si/XSF-Board-2023-04-05

Hi

@arc we’re chatting via Jitsi

Thanks, all. Minutes to follow later today.

Thanks :)

Thanks all

When is the next board meeting happening?

I thought it was May 4th at 1600 UTC

May the 4th be with you

I could also do the third if we are just doing text but my camera is used for the work meetings for a hour Wednesday mornings starting 15:30

stpeter, MattJ I've added you as calendar admins, and did some cleanup on that list of people.

arc: iirc you are nearish Portland OR, did you see the announcement of the XMPP track at FOSSY in July ?

Yes and I plan to attend

Especially now that I can walk again

Very nice, on both counts

I was originally told that might be my Christmas miracle this year

However, as a rugby player I do not take head injuries lightly.. as soon as they gave me the wheelchair I pulled out the sawhorses and started doing squats so that when I was able to walk mentally I would also be physically able

See the problem with these estimates is the often require months of physical therapy to restore strength lost to atrophy from being in the wheelchair to begin with

Needless to say this is not my first rodeo.. a year became 7 weeks plus another month with a walker, my neurologist said she has never seen anyone recover so quickly

I am back at Aikido class doing acrobatic backrolls, my voice needs more work and I am still not walking very fast but still tremendous progress and I should be able to walk to the convention center

Good to hear that arc !

Portland has a very beautiful pedestrian bridge that crosses the Willamette River that is near the convention center called Tillikum Crossing, everyone should make a effort to walk the bridge when they visit Portland

OMSI, kind of a science museum for kids, is on the east side of the bridge so it is popular for families

Arg, just came back and unfortunately missed the board meeting.

I'll be there next time.

I almost missed it too because of a scheduling conflict

Jitsi didn't want to open while Amazon Chime was in a different meeting

Ah, then see you next time too!

Meetings are normally 30 minutes or less but it ran for an hour this month so I was able to catch the second half

Thanks, Ralph!

Do you hear this?

What?

https://jabbers.one:5281/file_share/FGMssi6Va1sODI6DB9qCkP2B/Boat%20Horn%20Sound%20Effect.opus

https://jabbers.one:5281/file_share/q9nfbj9MbFCV-dI44TwAdDS8/elbe-sprint.png

Please wait for further announcement, before you book anything. But consider to put it into your calendar 🙂

Oh

Great

Whoop whoop!

> Portland has a very beautiful pedestrian bridge that crosses the Willamette River that is near the convention center called Tillikum Crossing, everyone should make a effort to walk the bridge when they visit Portland arc: when I go down to Portland for FOSSY I plan to bring my DSLR! So sight seeing is on my schedule :) ↺

You should certainly get a couple shots of that bridge. Of course we have many bridges but I think that is the most beautiful

arc: 👍

Of course there are many waterfront trails with a ton of beautiful sights

I live a block from the river and when I leave the back door open random ducks and geese come in looking for food

Of course you want to do the classic plant scavenger hunt.. Oregon grape for example. The leaves look like Holly, but the berries are yellow and will turn blue or purple later in the year

Oregon grape is our state flower and it grows everywhere

You can also very easily clone it

People make jellies out of them and by adding a lot of sugar or pectin you can make them halfway decent, but I find them to chase somewhere on the spectrum between sour and bitter by themselves but they are edible

I’ve added minutes at https://wiki.xmpp.org/web/Board-Meeting-2023-04-05