[liberationtech] XMPP object encryption at IETF about to die...

carlo von lynX lynX at time.to.get.psyced.org
Wed Nov 12 02:40:37 PST 2014 

Oh great, now I have friends pointing me at libtech postings
inciting me to reply to them because they're excited to see
what I will have to say...

At least I hope to surprise them a bit. Let's see...

On Tue, Nov 11, 2014 at 02:18:49PM -1000, Joseph Lorenzo Hall wrote:
> I'm here at IETF 91 hanging with all the protocol nerds. I was talking
> to someone about OTR and they pointed out that the object-encryption
> standard for XMPP that has been put forward is about to die due to
> lack of interest and engagement:
> 
> http://tools.ietf.org/html/draft-miller-xmpp-e2e

Yes, Matt Miller presented that at the IETF before and although
Snowden was in the air no client dev came forward to say YES!
Let's do this. It was so sad, I even refrained from bashing
XMPP too loud that it is the wrong and broken protocol for the
job anyhow.

> Has anyone seen this and thinks it could be a good thing to
> standardize? I realize it's a subset of what OTR provides but I'm
> wondering if this could be something we as a community might want to
> work with in this kind of standards body.

Subset? The proper integration of E2E and PFS removing most of the
trouble we have with OTR desyncing and throwing errors in our face
would be a great improvement of the XMPP experience, given you
want to keep XMPP. And it also applies to other XMPP packets like
profile look-ups etc - things that people *expect* to be secure
when using OTR while they actually aren't. So I don't really see
what you mean by subset here. I have the impression it does more.
Is it missing socialist millionaire? That would be a problem. Do
you mean that by subset? Haven't looked at the draft recently.
It's kind-of been around in the XMPP standards discussion for 
about a decade now, ever since OTR came up.

> Any e2e-has-a-posse folks have an interest here or is standardization
> not an interest or desire?

Standardization is not the problem. You need at least one dev
who cares enough to implement all the lot of code into one of the
too many badly implemented XMPP clients. It's awful how only few
XMPP clients currently offer the full up to date OTR protocol.
I have a feeling the majority of OTR conversations are not
properly being authenticated because of things like socialist
millionaire (aka shared secrets) not being implemented everywhere.

No wait, I correct myself. Standardization IS the problem. It
leads to every spare time code writer doing his own client brew
and none of them being solid enough for humanity's needs (given
that XMPP wasn't a bad choice in the first place). What we need
is everyone working on a single solid codebase, possibly
ChatSecure, and have that available for ALL platforms, with
professional usability and no glitches.

But then again maybe it's time to kiss federation good-bye.
XMPP comes not only with a lot of problems of its own that you
can read about at http://about.psyc.eu/XMPP - it also shares
the fundamental architecture problem with PSYC being the
federation of servers. When we designed those protocols we
made the fatally wrong assumption that servers are neat, cool,
sweet and most of all SAFE. Also back in the 90s we didn't
have DHTs yet. Fifteen years later it is overdue to admit that
XMPP, SMTP and other federation protocols were designed to a
paradigm which no longer is recommendable. We should improve
those technologies that provide not only end-to-end encrypted
messaging, but also metadata protection and defense against
attacks on single points of failure like jabber.ccc.de.

http://secushare.org/comparison lists a few platforms that are 
heading in the right direction. I need to add blockchain
apps to that soonish, as Bitmessage seems to function and I'm
no longer sure it can't scale. Maybe it actually could. Please
let's get off XMPP+OTR soon and not invest huge amounts of
energy just to get rid of the bugs.

And let's stop talking about open standards for free software.
Open standards are only important when we HAVE to deal with
some company dominating the field with its proprietary tool.
As long as we do not need to interact with any proprietary
thing, we can avoid impeding development by standardization.

Just think how useful it would have been to spread cat gifs
over XMPP if XMPP weren't so impractical for binary data.
Instead it sucks, so nobody does it.

It's crazy for our civil liberties and the foundations of
democracy to be using either Facebook or Google for personal
conversations, so we should not work on an open standard that
includes those platforms. So we don't need to focus on an open
standard. We just need running AGPL code, which implies a free
protocol by definition.

-- 
	    http://youbroketheinternet.org
 ircs://psyced.org/youbroketheinternet

More information about the liberationtech mailing list