internet-drafts | 24 Oct 03:48 2014

I-D Action: draft-ietf-xmpp-6122bis-15.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : Extensible Messaging and Presence Protocol (XMPP): Address Format
        Author          : Peter Saint-Andre
        Filename        : draft-ietf-xmpp-6122bis-15.txt
        Pages           : 28
        Date            : 2014-10-23

Abstract:
   This document defines the address format for the Extensible Messaging
   and Presence Protocol (XMPP), including support for code points
   outside the ASCII range.  This document obsoletes RFC 6122.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-xmpp-6122bis/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-xmpp-6122bis-15

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-6122bis-15

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

internet-drafts | 24 Oct 03:27 2014

I-D Action: draft-ietf-xmpp-dna-08.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : Domain Name Associations (DNA) in the Extensible Messaging and Presence Protocol (XMPP)
        Authors         : Peter Saint-Andre
                          Matthew Miller
        Filename        : draft-ietf-xmpp-dna-08.txt
        Pages           : 18
        Date            : 2014-10-23

Abstract:
   This document improves the security of the Extensible Messaging and
   Presence Protocol (XMPP) in two ways.  First, it specifies how to
   establish a strong association between a domain name and an XML
   stream, using the concept of "prooftypes".  Second, it describes how
   to securely delegate a service domain name (e.g., example.com) to a
   target server host name (e.g., hosting.example.net), which is
   especially important in multi-tenanted environments where the same
   target server hosts a large number of services associated with
   different domains.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-xmpp-dna/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-xmpp-dna-08

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-dna-08

Ben Campbell | 14 Oct 01:17 2014

WGLC of draft-ietf-xmpp-posh-02

(Oops, messed up the authors' address the first time. Apologies for the duplicate.)

This is a Working Group Last Call of draft-ietf-xmpp-posh-02. The draft is available at the following URL:

http://tools.ietf.org/html/draft-ietf-xmpp-posh-02

The WGLC will conclude on 27 October, 2014. Please send your comments to the authors and the XMPP mailing list.

Thanks!

Ben.

Ben Campbell | 13 Oct 22:05 2014

WGLC of draft-ietf-xmpp-posh-02

This is a Working Group Last Call of draft-ietf-xmpp-posh-02. The draft is available at the following URL:

http://tools.ietf.org/html/draft-ietf-xmpp-posh-02

The WGLC will conclude on 27 October, 2014. Please send your comments to the authors and the XMPP mailing list.

Thanks!

Ben.

Peter Saint-Andre - &yet | 13 Oct 16:24 2014

dialback in DNA

Currently draft-ietf-xmpp-dna does not consider server dialback to be a 
DNA prooftype. Matt and I propose adding the following text to §7:

    Although the PKIX prooftype uses the XMPP Server Dialback protocol
    [XEP-0220] for signalling between servers, this framework document
    does not define the exchange of dialback keys (also specified in
    [XEP-0220]) as a DNA prooftype.  However, a future specification, or
    an updated version of [XEP-0220], might define a DNA prooftype for
    dialback in a way that is consistent with this framework.

Peter

-- 
Peter Saint-Andre
https://andyet.com/

internet-drafts | 11 Oct 00:09 2014

I-D Action: draft-ietf-xmpp-posh-02.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : PKIX over Secure HTTP (POSH)
        Authors         : Matthew Miller
                          Peter Saint-Andre
        Filename        : draft-ietf-xmpp-posh-02.txt
        Pages           : 14
        Date            : 2014-10-10

Abstract:
   Experience has shown that it is extremely difficult to deploy proper
   PKIX certificates for TLS in multi-tenanted environments, since
   certification authorities will not issue certificates for hosted
   domains to hosting services, hosted domains do not want hosting
   services to hold their private keys, and hosting services wish to
   avoid liability for holding those keys.  As a result, domains hosted
   in multi-tenanted environments often deploy non-HTTP applications
   such as email and instant messaging using certificates that identify
   the hosting service, not the hosted domain.  Such deployments force
   end users and peer services to accept a certificate with an improper
   identifier, resulting in obvious security implications.  This
   document defines two methods that make it easier to deploy
   certificates for proper server identity checking in non-HTTP
   application protocols.  The first method enables the TLS client
   associated with a user agent or peer application server to obtain the
   end-entity certificate of a hosted domain over secure HTTP as an
   alternative to standard PKIX techniques.  The second method enables a
   hosted domain to securely delegate a non-HTTP application to a

internet-drafts | 10 Oct 22:47 2014

I-D Action: draft-ietf-xmpp-6122bis-14.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : Extensible Messaging and Presence Protocol (XMPP): Address Format
        Author          : Peter Saint-Andre
        Filename        : draft-ietf-xmpp-6122bis-14.txt
        Pages           : 29
        Date            : 2014-10-10

Abstract:
   This document defines the address format for the Extensible Messaging
   and Presence Protocol (XMPP), including support for code points
   outside the ASCII range.  This document obsoletes RFC 6122.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-xmpp-6122bis/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-xmpp-6122bis-14

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-6122bis-14

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

The IESG | 22 Sep 18:01 2014

Protocol Action: 'An XMPP Sub-protocol for WebSocket' to Proposed Standard (draft-ietf-xmpp-websocket-10.txt)

The IESG has approved the following document:
- 'An XMPP Sub-protocol for WebSocket'
  (draft-ietf-xmpp-websocket-10.txt) as Proposed Standard

This document is the product of the Extensible Messaging and Presence
Protocol Working Group.

The IESG contact persons are Richard Barnes and Alissa Cooper.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-xmpp-websocket/

Technical Summary:

This document defines a binding for the XMPP protocol over a
WebSocket transport layer.  A WebSocket binding for XMPP provides
higher performance than BOSH, the current HTTP binding for XMPP 
(which uses HTTP long polling).

Working Group Summary:

Work on a WebSocket binding for XMPP began in 2010 with the first
version of draft-moffitt-xmpp-over-websocket and related code in 
several XMPP projects. Since then, implementation and deployment
experience has led to several changes, most notably:

a. An explicit framing mechanism for opening and closing XMPP streams
   over the WebSocket binding using complete XML elements, instead
   of the opening and closing <stream> and </stream> tags as in the
   TCP binding specified in RFC 6120.

internet-drafts | 11 Sep 04:48 2014

I-D Action: draft-ietf-xmpp-websocket-10.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : An XMPP Sub-protocol for WebSocket
        Authors         : Lance Stout
                          Jack Moffitt
                          Eric Cestari
        Filename        : draft-ietf-xmpp-websocket-10.txt
        Pages           : 17
        Date            : 2014-09-10

Abstract:
   This document defines a binding for the XMPP protocol over a
   WebSocket transport layer.  A WebSocket binding for XMPP provides
   higher performance than the current HTTP binding for XMPP.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-xmpp-websocket/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-xmpp-websocket-10

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-websocket-10

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:

Simon Josefsson | 13 Aug 22:55 2014

RFC 6120 CA cert keyUsage digitalSignature bit requirement?

Hi,

I'm generating certificates for use in an XMPP environment, and I'm
seeking clarification of one aspect of RFC 6120:

   The following rules apply to certification authority (CA)
   certificates that are used by issuers of XMPP end entity
   certificates:
...
   2.  The certificate MUST contain a keyUsage extension with the
       digitalSignature bit set.

My question: Why is the digitalSignature bit a requirement?

Speculation: Was the keyCertSign bit intended here?  Reading RFC 5280 it
seems the keyCertSign would be more appropriate than digitalSignature.
What non-certificate/CRL objects is it that XMPP environments expect to
be signed by the CA?

      KeyUsage ::= BIT STRING {
           digitalSignature        (0),
...
           keyCertSign             (5),
...
      The digitalSignature bit is asserted when the subject public key
      is used for verifying digital signatures, other than signatures on
      certificates (bit 5) and CRLs (bit 6), such as those used in an
      entity authentication service, a data origin authentication
      service, and/or an integrity service.
...

internet-drafts | 12 Aug 01:09 2014

I-D Action: draft-ietf-xmpp-websocket-09.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Extensible Messaging and Presence Protocol Working Group of the IETF.

        Title           : An XMPP Sub-protocol for WebSocket
        Authors         : Lance Stout
                          Jack Moffitt
                          Eric Cestari
        Filename        : draft-ietf-xmpp-websocket-09.txt
        Pages           : 16
        Date            : 2014-08-11

Abstract:
   This document defines a binding for the XMPP protocol over a
   WebSocket transport layer.  A WebSocket binding for XMPP provides
   higher performance than the current HTTP binding for XMPP.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-xmpp-websocket/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-xmpp-websocket-09

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-websocket-09

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:

