Bug 71303

Summary: indicate the connection's level of security
Product: Telepathy Reporter: Simon McVittie <smcv>
Component: gabbleAssignee: Telepathy bugs list <telepathy-bugs>
Status: NEW --- QA Contact: Telepathy bugs list <telepathy-bugs>
Severity: enhancement    
Priority: medium Keywords: love
Version: git master   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description Simon McVittie 2013-11-06 13:00:54 UTC
https://github.com/stpeter/manifesto/blob/master/manifesto.txt calls for:

o provide user or administrative interfaces showing:
  o if a given client-to-server or server-to-server connection
    is encrypted, authenticated, or both
  o the version of TLS and the cipher suite in use
  o details about a server's certificate
  o a warning about any changes to a server's certificate

Gabble should provide enough information that Empathy can do this.
Comment 1 Simon McVittie 2013-11-06 13:47:46 UTC
Straw-man design:

Connection.Interface.Securable
    property Encrypted : b, readable
        If true, this connection is known to be encrypted to a reasonable
        level. The definition of "reasonable" is intentionally left vague.

        This can change from false to true, but if it would change
        from true to false, connection managers SHOULD disconnect instead.
        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property Authenticated : b, readable
        True if this channel occurs over a connection that is
        protected against tampering, and has been verified to be
        with the desired destination: for instance, one where TLS
        was previously negotiated, and the TLS certificate has
        been verified against a configured certificate authority
        or accepted by the user.

        This can change from false to true, but if it would change
        from true to false, connection managers SHOULD disconnect instead.
        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CipherSuiteID : u, readable
        The numeric ID of the cipher suite from the IETF TLS Cipher Suite
        registry, in the form (first byte * 256) + second byte.
        For instance, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC0, 0x09)
        is denoted by 49161 (0xC009).

        0 (TLS_NULL_WITH_NULL_NULL) means the connection
        has no effective security. Connection managers MAY use this
        cipher suite ID to represent known-weak cipher suites
        not described in the TLS Cipher Suite registry.

        The maximum 32-bit unsigned integer (4294967295) means the
        connection manager cannot represent the cipher suite in terms
        of the TLS Cipher Suite registry.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    enum {
        Not_TLS = 0,
        SSL_2 = 2*256,
        SSL_3 = 3*256,
        TLS_1_1 = 3*256 + 1, 
        TLS_1_1 = 3*256 + 2,
        TLS_1_2 = 3*256 + 3,
    } TLS_Version;

    property TLSVersion : u (TLS_Version), readable
        The SSL/TLS version in use, in the form (major byte * 256) +
        minor byte, or 0 if the connection is not using SSL/TLS.
        For instance, TLS 1.1 is 3*256 + 2 due to its use of { 3, 2 }
        as the ProtocolVersion.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CertificateType : s
        The type of the certificate used to authenticate the server,
        e.g. "x509" or "pgp", as for TLSCertificate, or the empty
        string if a certificate was not used.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CertificateChainData : aay (Certificate_Data[])
        The certificate chain, as for TLSCertificate.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

Actually implementing this in Gabble will require some contortions: GNUTLS doesn't tell us the cipher suite, only separate values for the key exchange, cipher and MAC. We could maybe replace CipherSuiteID with separate properties, but I'm really keen to outsource this to something like the IETF TLS registry rather than maintaining enums in Telepathy.

If we port Wocky to GTLS (which we should really), we lose the ability to get this information at all, unless we enhance GTLS...

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.