TIL: #Thunderbird can't do #omemo, which means it can't do #xmpp either.
@rainer
This is the main XMPP/OMEMO problem, AFAIU: fragmentation (bonus points for fragmented security).

@dzwiedziu @rainer fragmentation isn't the problem, it's really only a marketing/naming things issue. If there was a name for XMPP+OMEMO+MAM+[a few others likely], let's say Blubber, then Thunderbird might be an XMPP client, but nobody would give a shit about XMPP clients for instant messaging, because for instant messaging you want a Blubber client.

The fact that you can use XMPP outside of personal IM is not a problem. XMPP Core is just one layer in a stack of protocols, similar to TCP or IP.

@pixelschubsi
If it isn't fragmentation then which clients use OMEMO 0.7.0 or higher?

(I'm not even asking about the last version of XEP-0384, 0.9.0, or the ability to enforce encryption.)

@rainer

@dzwiedziu @rainer why would you, as a presumed end user, bother about the version of a specification that is implemented? What matters is compatibility and interoperability with the clients others use (and specifically for OMEMO you might also be interested in its security, but that didn't really change between versions). With almost all clients implementing OMEMO in a compatible way, that shouldn't be relevant.

And AFAIK, Quicksy doesn't have an option to disable OMEMO.

@pixelschubsi
Because my threat model includes “you shouldn't use or recommend bad cryptography”, that's why.

No, you don't need to be compatible with less secure protocol versions. That's a downgrade attack.

Is this “didn't really change between versions”? https://xmpp.org/extensions/attic/xep-0384-0.9.0.html#revision-history-v0.4.0
(and 0.3.0 is the most popular version, looking at https://xmpp.org/extensions/#xep-0384-implementations)

And that's even apart from the age of this change, keeping this XEP “experimental” and treating it like a side-side project.

@rainer

@dzwiedziu @rainer Can you explain to what extent this 0.3 version has bad cryptography? I've heard about potential attacks if it was used in context of moderated rooms, but that's not a common use case for OMEMO. Also, from what I know, the cryptography hasn't changed at all since 0.4, so what is it that makes you want 0.7?

@dzwiedziu @rainer the big changes in 0.4 as far as I know were:
- not use Signal's HKDF info strings and protobuf schemes, because Moxie claimed those are copyrighted and compatible implementations thus must get a license from him or use GPL.
- use SCE, a newer encryption framework for XMPP: that's about how and what payload is encrypted and doesn't affect the cryptography itself.
- Make use of server features in PEP that haven't been widely available before.

@pixelschubsi @dzwiedziu @rainer I actually like the name 'Blubber'.