[jitsi-dev] jitsi and xmpp starttls


#1

background:

The only way in the current XMPP spec to establish a secure connection
with an XMPP server is StartTLS.

Unfortunately, there is no way for the server to enforce a policy of
mandatory TLS connections, because a MiTM can easily alter the
communication between client and the server that advertises this.

So, secure connections in XMPP rely entirely on the client settings. A
setting of 'try encryption, but fallback to cleartext' is not advisable,
because it is easily thwarted by a MiTM. This setting for StartTLS has
been removed from Thunderbird for this reason, because of numerous cases
where this attack has come to light in the real world.

how this relates to jitsi:

As far as I can tell from my tests, the setting in jitsi is exactly
this: 'try starttls, fallback to cleartext'. This is particularly
problematic because there is no way to configure jitsi to require
encryption. The result is that it is currently impossible to ensure a
secure XMPP connection in jitsi.

proposed solution:

(1) The default setting for XMPP starttls should be 'require
encryption'. The authentication stanza should NOT be sent before TLS has
been negotiated.

(2) If you must, add the option to totally disable XMPP connection
encryption. At most, there should be two options: "encryption required"
and "encryption disabled" -- again, because "try encryption" is so
easily thwarted as to be effectively meaningless.

thanks,
-elijah

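The policy Elijah proposes is a client-side decision made at the point where the server's stream features arrive: before TLS, the only acceptable next step is STARTTLS, and a feature list with no STARTTLS advertisement is treated as a failure rather than a cue to authenticate in the clear. The following is an added example, not Jitsi's code, that runs that decision over two constructed feature payloads (one honest, one with the STARTTLS element missing, as it would appear if the cleartext negotiation had been altered). The policy names `"required"`, `"disabled"` and `"try"` are this example's own and are not Jitsi configuration keys.

```python
"""Client-side STARTTLS policy for an XMPP stream (added example).

The <stream:features> payloads below are constructed samples; the policy
names are assumptions made for this example, not Jitsi's settings.
"""
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"

# Constructed sample: a server advertising STARTTLS and, as many servers
# do even before TLS, a SASL mechanism list.
FEATURES_WITH_TLS = f"""<stream:features xmlns:stream="{NS_STREAM}">
  <starttls xmlns="{NS_TLS}"><required/></starttls>
  <mechanisms xmlns="{NS_SASL}"><mechanism>PLAIN</mechanism></mechanisms>
</stream:features>"""

# Constructed sample: the same features with <starttls/> absent, which is
# what the client sees when the cleartext negotiation has been tampered with.
FEATURES_STRIPPED = f"""<stream:features xmlns:stream="{NS_STREAM}">
  <mechanisms xmlns="{NS_SASL}"><mechanism>PLAIN</mechanism></mechanisms>
</stream:features>"""


def parse_features(xml_text):
    """Report whether STARTTLS and SASL were advertised in the features."""
    root = ET.fromstring(xml_text)
    return {
        "starttls": root.find(f"{{{NS_TLS}}}starttls") is not None,
        "sasl": root.find(f"{{{NS_SASL}}}mechanisms") is not None,
    }


def next_step(features_xml, policy, tls_established=False):
    """Decide what the client sends next: "starttls", "auth" or "abort".

    policy (names assumed for this example):
      "required" - negotiate TLS or abort; never authenticate in the clear
      "disabled" - never negotiate TLS; authenticate in the clear
      "try"      - the fallback mode the post argues against, kept only to
                   show where it goes wrong
    """
    feats = parse_features(features_xml)
    if policy == "disabled":
        return "auth" if feats["sasl"] else "abort"
    if policy == "required":
        if tls_established:
            # The authentication stanza is only ever sent over TLS.
            return "auth" if feats["sasl"] else "abort"
        # Before TLS, anything other than a STARTTLS offer is refused,
        # including a stream that offers SASL but no STARTTLS.
        return "starttls" if feats["starttls"] else "abort"
    if policy == "try":
        if tls_established or not feats["starttls"]:
            # Falls back to cleartext authentication whenever STARTTLS is
            # missing, so a stripped advertisement silently downgrades.
            return "auth" if feats["sasl"] else "abort"
        return "starttls"
    raise ValueError(f"unknown policy {policy!r}")


if __name__ == "__main__":
    for name, xml_text in (("honest", FEATURES_WITH_TLS),
                           ("stripped", FEATURES_STRIPPED)):
        for policy in ("required", "try", "disabled"):
            print(f"{name:8} {policy:8} -> {next_step(xml_text, policy)}")
```

With the stripped payload, `"required"` aborts while `"try"` proceeds straight to cleartext authentication, which is the downgrade the post describes; the two policies differ only in what they do when STARTTLS is not on offer.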

#2

Hey there Elijah,

You are right indeed. Thanks for the tip!

Starting from build 3667, Jitsi would automatically refuse to connect to
XMPP servers that don't have TLS.

Users can override this behaviour through the account configuration.

Hope this works for you!

Cheers,
Emil

On 12.09.11 08:49, elijah wrote:

> background:
>
> The only way in the current XMPP spec to establish a secure connection
> with an XMPP server is StartTLS.
>
> Unfortunately, there is no way for the server to enforce a policy of
> mandatory TLS connections, because a MiTM can easily alter the
> communication between client and the server that advertises this.
>
> So, secure connections in XMPP rely entirely on the client settings. A
> setting of 'try encryption, but fallback to cleartext' is not advisable,
> because it is easily thwarted by a MiTM. This setting for StartTLS has
> been removed from Thunderbird for this reason, because of numerous cases
> where this attack has come to light in the real world.
>
> how this relates to jitsi:
>
> As far as I can tell from my tests, the setting in jitsi is exactly
> this: 'try starttls, fallback to cleartext'. This is particularly
> problematic because there is no way to configure jitsi to require
> encryption. The result is that it is currently impossible to ensure a
> secure XMPP connection in jitsi.
>
> proposed solution:
>
> (1) The default setting for XMPP starttls should be 'require
> encryption'. The authentication stanza should NOT be sent before TLS has
> been negotiated.
>
> (2) If you must, add the option to totally disable XMPP connection
> encryption. At most, there should be two options: "encryption required"
> and "encryption disabled" -- again, because "try encryption" is so
> easily thwarted as to be effectively meaningless.
>
> thanks,
> -elijah

--
Emil Ivov, Ph.D.
Project Lead
Jitsi
emcho@jitsi.org
http://jitsi.org

67000 Strasbourg, France
PHONE: +33.1.77.62.43.30
FAX: +33.1.77.62.47.31