-
Notifications
You must be signed in to change notification settings - Fork 122
/
Copy pathpubsub-targeted-encryption.xml
121 lines (113 loc) · 6.35 KB
/
pubsub-targeted-encryption.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
%ents;
]>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<xep>
<header>
<title>Pubsub Targeted Encryption</title>
<abstract>Specifies a way to encrypt pubsub items for a restricted set of entities</abstract>
&LEGALNOTICE;
<number>xxxx</number>
<status>ProtoXEP</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
<dependencies>
<spec>XMPP Core</spec>
<spec>XEP-0001</spec>
<spec>XEP-0004</spec>
<spec>XEP-0060</spec>
<spec>XEP-0384</spec>
</dependencies>
<supersedes/>
<supersededby/>
<shortname>pte</shortname>
<author>
<firstname>Jérôme</firstname>
<surname>Poisson</surname>
<email>[email protected]</email>
<jid>[email protected]</jid>
</author>
<revision>
<version>0.0.1</version>
<date>2022-10-31</date>
<initials>jp</initials>
<remark><p>First draft.</p></remark>
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>While it is nowadays possible to encrypt pubsub items with OpenPGP for XMPP Pubsub, this specification is designed for pubsub nodes were all items are end-to-end encrypted, and it is using symmetric encryption with a system of key sharing, meaning that if a key is available, it can decrypt all items encrypted with it.</p>
<p>This is fine for most use cases, however it may be desirable to only encrypt a few items with properties such as Perfect Forward Secrecy. This specification describes a way on how to do that by adapting existing end-to-end encryption algorithms used in instant messaging to pubsub items. This may be used to implement restricted items (a feature known is some other software such as "aspects" or "circles") or for transient nodes.</p>
</section1>
<section1 topic='Requirements' anchor='reqs'>
<p>The design goal of this specification is to simply adapt existing e2e encryption algorithms used for messages to pubsub items.</p>
</section1>
<section1 topic='Use Cases' anchor='usecases'>
<section2 topic='Encrypting a Pubsub Item' anchor='encrypt'>
<p>Juliet holds a public blog using &xep0277;. However, she wants to publish a new item that should be visible only to some well targeted users. To do so she encrypts the payload in the same way as she encrypts messages with an e2e encryption algorithm such as &xep0384;. She wraps the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with her own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.</p>
<p>She decides to use &xep0384; to encrypt her items, her client publishes an item like this:</p>
<example caption="Juliet Publishes a Targeted Encrypted Item"><![CDATA[
<iq xmlns="jabber:client" id="pte_1" type="set" from="[email protected]/chamber" to="[email protected]">
<pubsub xmlns="http://jabber.org/protocol/pubsub">
<items node="urn:xmpp:microblog:0">
<item id="secret_blog_post" publisher="[email protected]/chamber">
<encrypted xmlns="urn:xmpp:pte:0" by="[email protected]" type="urn:xmpp:omemo:2">
<encrypted xmlns="urn:xmpp:omemo:2">
<header sid="878841001">
<keys jid="[email protected]">
<key rid="673880319">ChDRqSBLTR+RtRIH8io7kf22EmgIARACGiCasIYfB6Zfe5SNyT8twIa+mEYA8h7uEQIjQ64dJx4vXiJAZSpXPRW+sVVSC7gc4lDEiTA4DT7AIh/woa82PFjgFdL0A8HTyBe7yh3UWThZGuTp5A3zmjXH7pAwKX85oxQ8XA==</key>
</keys>
</header>
<payload>DWmAVvrKlPPh23OmvmIrJmQXj5hVtgAnY8IOGZNqJc59T93hzsTen7tw7Kea5KfM3btfS25xd6RRWe0ZrqdvdGtKfHJFc77k5pQ052br4Qxw9kLWCVGqpNkrpwoBUshqs5mwA1WRLGdUfEsMaePwZv4m9xvXZSrxNIf9vQNX/GJM2GAT55exZSRU0Px8/E8j0XMtHCuZ4j3z0EBk1NZin0suQv8rVy1liWACPNuVrnU7h8LpdWmUggYztqL9l1yoxzEOFRrpdFkDqcZDLbO8bWAcYQNpWYoefaYvnvLV4zkW4dELQydSC2KkGMN/LmdYspVUPzPpQt7OmAKAndFWXTsAV5wmbtVsr15TzxI4NVDZyp7G70TYyTHlhG2gAq7StVj09bJi6IHa59L1BgNrNKT/ZG8pbe/GXUoPg4q9ZfuDiOYBHUugUxNsVFactRp6UocaQT/RogrqKY3o6NlTvnqVYpMJsi72cp8uQWTPtqwBpxyhAY0jKp1D+y7m2wzbeD2SZCw5+FryXulQhCKJ0dLI00PJr4dELWdu+uQLdyHl5FxG4D8mLQVOnY/TMa0vXUxsMAQI8g8LEHdJIhKU4GyVt125WhrbMrbcBu8iKCYmiz820siZeD8i5iZa1eQ69hnA9iCqMRS2DsqieUeI1Y4I7+0pHcyzpNC8408B7LhkgwxOEopExdOfv1NFwamsN5zXhCqj386oGRl9Ry0Gw+QSv9jlW4FB0rM8r+GF5gB66p0nYU/U5W8efXgNI/W1yAdUxgXc9FiQMmzIauTmR4m5WUxPjBggVYz1q3TkeZHQJpWy47EWZPnM9leWKNqC</payload>
</encrypted>
</encrypted>
</item>
</items>
</pubsub>
</iq>
]]></example>
</section2>
</section1>
<section1 topic='Business Rules' anchor='rules'>
<p>The properties of the encryption algorithm apply. For instance, in the case of &xep0384;, there is the propery of Perfect Forward Secrecy, meaning that once an item has been decrypted once by a targeted entity, it can't be decrypted anymore. Clients should then handle pubsub caching of the decrypted item when necessary.</p>
</section1>
<section1 topic='Discovering Support' anchor='disco'>
<p>If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pte:0" discovery feature in response to a &xep0030; information request, furthermore, the supported encryption algorithms are announced as explained in their respective XEPs.</p>
<example caption="Service Discovery information request"><![CDATA[
<iq type='get'
from='[email protected]/balcony'
to='[email protected]/orchard'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>]]></example>
<example caption="Service Discovery information response"><![CDATA[
<iq type='result'
from='[email protected]/orchard'
to='[email protected]/balcony'
id='disco1'>
<query xmlns='http://jabber.org/protocol/disco#info'>
...
<feature var='urn:xmpp:pte:0'/>
<feature var='urn:xmpp:omemo:2'/>
...
</query>
</iq>]]></example>
</section1>
<section1 topic='Security Considerations' anchor='security'>
<p>Security Considerations of used encryption specifications apply.</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>
<p>TODO</p>
</section1>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>TODO</p>
</section1>
<section1 topic='XML Schema' anchor='schema'>
<p>TODO</p>
</section1>
<section1 topic='Acknowledgements' anchor='acks'>
<p>Thanks to NLNet foundation/NGI0 Discovery for funding.</p>
</section1>
</xep>