Without reading anything related to ZRTP, what is the purpose of that ZID name? I don't get it from the screenshots and your mail...
It's an additional security feature described in RFC 6189 and even better in RFC 6189bis,
and gives some better protection, for example in case a device was captured/stolen. See the quote below.
On top of what I just implemented (testing) I also would like to have the ZID name
in a more prominent place, not just as a tooltip in the SAS panel and string. However,
this requires support from Yana because I don't want to "destroy" the fine UI :-). Maybe
we can have the name just to the right of the "zrtp" label if a ZID name was set, i.e. not empty.
I'm just testing this possibility.
Quote from RFC 6189bis:
Even though a ZID is associated with a device, not a human, it is often the case that a
ZRTP endpoint is controlled mainly by a particular human. For example, it may be a mobile
phone. For the key continuity features to be effective, a local cache entry (and thus
a ZID) should be associated with some sort of name of the remote party. That name could be
a human name, or it could be made more precise by specifying which ZRTP endpoint he's using.
For example "Jon Callas", or "Jon Callas on his iPhone", or "Jon on his iPad", or "Alice
on her office phone". These name strings can be stored in the local cache, indexed by ZID,
and may have been initially provided by the local user by hand. Or the local cache entry
may contain a pointer to an entry in the local address book. When a secure session is
established, if a prior session has established a cache entry, and the new session has a
matching cache entry indexed by the same ZID, and the SAS has been previously verified,
the person's name stored in that cache entry should be displayed.
It is absolutely essential to have these human-readable names associated with cache
entries. If the cache is implemented without them, it opens the door to a simple form of
MiTM attack. An attacker who has previously established a cache entry with both parties
(or simply captures a phone that has) can later act as a MiTM between those two parties
without triggering a cache mismatch, which means the users will not be alerted to do an
SAS compare. This MiTM attack would be easily detected if the name stored with the cache
entry is displayed for the user, so that the user can readily see that he is not
connected to the remote party he expected.
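The cache behaviour the RFC passage describes, as an added example that is not part of this mail and not Jitsi or ZRTP4J code: a small model of the per-ZID shared-secret cache with the name field RFC 6189bis asks for. The ZIDs, retained secrets and names are constructed for the demo, and retained secrets are compared directly rather than through the rs1ID HMAC commitments the real protocol exchanges. It shows why an attacker who already holds a verified cache entry with Alice (Mallory here, or anyone holding Mallory's captured phone) produces no cache mismatch and no SAS prompt, and why displaying the cached name is what exposes that the call is not with Bob.

```python
# Added example (not Jitsi or ZRTP4J code): model of the ZRTP shared-secret
# cache from RFC 6189 with the per-ZID name field from RFC 6189bis.
# ZIDs, secrets and names below are constructed demo values; retained
# secrets are compared directly instead of via rs1ID HMAC commitments.
from dataclasses import dataclass
from typing import Dict, Optional

ZID_LEN = 12  # a ZID is 96 bits (RFC 6189)


@dataclass
class CacheEntry:
    rs1: bytes                  # retained secret agreed in the last session
    sas_verified: bool = False  # user has compared the SAS with this peer
    name: Optional[str] = None  # e.g. "Bob on his iPhone" (RFC 6189bis addition)


@dataclass
class SessionStatus:
    peer_zid: bytes
    cache_mismatch: bool            # ZID known but secrets disagree: alert
    first_contact: bool             # no entry for this ZID: SAS compare needed
    sas_verified: bool              # continuity from a previously verified session
    displayed_name: Optional[str]   # what the UI shows next to the "zrtp" label


class ZrtpCache:
    def __init__(self) -> None:
        self._entries: Dict[bytes, CacheEntry] = {}

    def store(self, zid: bytes, rs1: bytes, sas_verified: bool = False,
              name: Optional[str] = None) -> None:
        if len(zid) != ZID_LEN:
            raise ValueError("ZID must be 96 bits")
        self._entries[zid] = CacheEntry(rs1, sas_verified, name)

    def lookup(self, zid: bytes) -> Optional[CacheEntry]:
        return self._entries.get(zid)

    def establish(self, peer_zid: bytes, peer_rs1: bytes) -> SessionStatus:
        """Evaluate key continuity for a new session with peer_zid."""
        entry = self.lookup(peer_zid)
        if entry is None:
            return SessionStatus(peer_zid, False, True, False, None)
        if entry.rs1 != peer_rs1:
            # Classic ZRTP MitM signal: same ZID, different retained secret.
            return SessionStatus(peer_zid, True, False, False, None)
        # Secrets match, continuity holds. Show the cached name only when the
        # SAS was verified earlier, as the RFC text requires.
        name = entry.name if entry.sas_verified else None
        return SessionStatus(peer_zid, False, False, entry.sas_verified, name)


def needs_user_attention(status: SessionStatus, expected_name: str) -> bool:
    """True when the UI must prompt instead of silently showing the lock."""
    if status.first_contact or status.cache_mismatch or not status.sas_verified:
        return True
    # The RFC 6189bis check: continuity alone is not enough; the cached name
    # must also match the party the user meant to call.
    return status.displayed_name != expected_name


# Constructed demo identities (not real ZIDs or secrets), 12 bytes each.
BOB_ZID = b"BOB-ZID-0001"
MALLORY_ZID = b"MAL-ZID-0002"
BOB_RS1 = b"\x11" * 32
MALLORY_RS1 = b"\x22" * 32


def alice_cache() -> ZrtpCache:
    """Alice has had SAS-verified sessions with both Bob and Mallory before."""
    cache = ZrtpCache()
    cache.store(BOB_ZID, BOB_RS1, sas_verified=True, name="Bob on his iPhone")
    cache.store(MALLORY_ZID, MALLORY_RS1, sas_verified=True, name="Mallory")
    return cache


def mitm_call() -> SessionStatus:
    """Alice dials Bob, but Mallory sits in the middle using her own ZID."""
    return alice_cache().establish(MALLORY_ZID, MALLORY_RS1)


def honest_call() -> SessionStatus:
    return alice_cache().establish(BOB_ZID, BOB_RS1)


if __name__ == "__main__":
    s = mitm_call()
    print("cache mismatch:", s.cache_mismatch, "| SAS verified:", s.sas_verified)
    print("UI shows:", s.displayed_name)
    print("prompt user (expected Bob):", needs_user_attention(s, "Bob on his iPhone"))
```

In the MitM call, `cache_mismatch` stays False and `sas_verified` stays True, so a client that only checks continuity shows a green lock and never asks for an SAS compare; only the displayed name ("Mallory" rather than "Bob on his iPhone") gives Alice something to notice, which is the argument for putting the ZID name next to the "zrtp" label rather than in a tooltip.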
From: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
Sent: Thursday, 5 April 2012 09:41
Subject: [jitsi-dev] Re: [jitsi~svn:9503] Adds new improved security
Hi Yana, all,
that's a great enhancement and gives much better feedback for the user.
<SNIP --- SNAP>
On 05.04.2012 10:26, Ingo Bauersachs wrote: