
Re: My $0.02 (or less :)



I've wanted to add a good layer of security to Jabber, but unfortunately I
have little experience in this area (encryption, etc.) to do anything
myself.  What I have done though, is try to design this sucker in a way
that would be easy to add security to.

There are three things that could be added that I can think of offhand...
first is one that doesn't involve the server at all, just use PGP within
the messages and let the clients handle the encryption/decryption, the
server just passes it around.  This is good, because simple clients can
still be written that don't have to worry about it, and secure clients can
be used where the extra security is needed.

The second would be to simply tunnel the connections between the client
and server through ssh or something similar...

And thirdly, Jabber already does simple authentication like any other net
service (POP, HTTP, FTP, etc.) so that you only have access to your account,
but an extra chunk here to do it better would be some sort of public key
exchange like SSL does, within the initial authentication, again, I don't
know a heck of a lot about this stuff :)

But, overall, I want to make security as available as possible, but if it
requires heavier clients even if they don't use/need the security, I'm not
sure I want to force that... but it should be available to users that want
it, from the first release if possible.

Jer

On Mon, 4 Jan 1999, Corbett J. Klempay wrote:

> First, kudos to Jer for making a legit effort on this; there seem to be a
> lot of people who like to say 'ICQ blows, we need something better', but
> aren't even willing to put thought (_serious_ thought) into a new design.
> It's readily apparent that this thing has been doing lots of running
> around in his mind.
> 
> Ok...my main thing is that I'd assert that it is important that secure
> communication (via any of a number of algorithms which have been thoroughly
> hammered on) -- and perhaps even authentication (although I consider this
> much less important) -- be part of the initial release.  If this would
> induce a later release time (surely it would), it would perhaps still be
> worth it.  The thing is...while the system is much more cleanly
> designed/modular/powerful than many of the existing products, I'm not sure
> that Jabber without encryption offers users a _compelling_ reason to use
> it over ICQ/AIM/etc.  Sure, it might be a smoother ride here and there due
> to a better design + implementation, but does Mr. Average Clueless Man
> (_particularly_ Mr. Average Clueless Man Who Wants to Use This In A
> Business Setting) have much to gain by switching?  I think that that's one
> of the biggest shortcomings with ICQ now; there is no attempt at
> encryption or authentication...Mirabilis has repeatedly responded to
> questions in the press about weak (or absent) security in its product, and
> every time it simply states that ICQ is not intended to do anything other
> than unimportant, casual communication.  If Jabber were to be able to
> interoperate with ICQ/AIM (as planned) and also had secure features when
> talking to another Jabber, it would be the 'smart business choice' (not to
> mention the smart choice of anyone who has ever had some idiot try to 0wN
> tHiEr B0x :)  Comments?
> 
> I'm undecided on the no client to client issue...I think the possible
> features may be outweighed by the horrendous resource (particularly
> bandwidth) requirements to run a larger server...mom and pop ISPs may not
> be too keen on testing the waters with a hog like that, maybe?
> 
> To answer David Jeske's question about why ICQ uses UDP...I've always been
> told that it was done because of the much smaller overhead of UDP vs. a
> TCP connection...which is surely an issue with Mirabilis, considering the
> amount of traffic their central servers must see.
> 
> ------------------------------------------------------------------------------
> Corbett J. Klempay			         Quote of the Week:
> http://www2.acm.jhu.edu/~cklempay  "Perl is worse than Python because
> 				    people wanted it worse." Larry Wall
> 
> PGP Fingerprint: 7DA2 DB6E 7F5E 8973 A8E7  347B 2429 7728 76C2 BEA1
> ------------------------------------------------------------------------------
> 
> 
>