Bug 71303 - indicate the connection's level of security
Summary: indicate the connection's level of security
Status: NEW
Alias: None
Product: Telepathy
Classification: Unclassified
Component: gabble (show other bugs)
Version: git master
Hardware: Other All
: medium enhancement
Assignee: Telepathy bugs list
QA Contact: Telepathy bugs list
URL:
Whiteboard:
Keywords: love
Depends on:
Blocks:
 
Reported: 2013-11-06 13:00 UTC by Simon McVittie
Modified: 2013-11-06 13:47 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Simon McVittie 2013-11-06 13:00:54 UTC
https://github.com/stpeter/manifesto/blob/master/manifesto.txt calls for:

o provide user or administrative interfaces showing:
  o if a given client-to-server or server-to-server connection
    is encrypted, authenticated, or both
  o the version of TLS and the cipher suite in use
  o details about a server's certificate
  o a warning about any changes to a server's certificate

Gabble should provide enough information that Empathy can do this.
Comment 1 Simon McVittie 2013-11-06 13:47:46 UTC
Straw-man design:

Connection.Interface.Securable
    property Encrypted : b, readable
        If true, this connection is known to be encrypted to a reasonable
        level. The definition of "reasonable" is intentionally left vague.

        This can change from false to true, but if it would change
        from true to false, connection managers SHOULD disconnect instead.
        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property Authenticated : b, readable
        True if this channel occurs over a connection that is
        protected against tampering, and has been verified to be
        with the desired destination: for instance, one where TLS
        was previously negotiated, and the TLS certificate has
        been verified against a configured certificate authority
        or accepted by the user.

        This can change from false to true, but if it would change
        from true to false, connection managers SHOULD disconnect instead.
        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CipherSuiteID : u, readable
        The numeric ID of the cipher suite from the IETF TLS Cipher Suite
        registry, in the form (first byte * 256) + second byte.
        For instance, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xC0, 0x09)
        is denoted by 49161 (0xC009).

        0 (TLS_NULL_WITH_NULL_NULL) means the connection
        has no effective security. Connection managers MAY use this
        cipher suite ID to represent known-weak cipher suites
        not described in the TLS Cipher Suite registry.

        The maximum 32-bit unsigned integer (4294967295) means the
        connection manager cannot represent the cipher suite in terms
        of the TLS Cipher Suite registry.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    enum {
        Not_TLS = 0,
        SSL_2 = 2*256,
        SSL_3 = 3*256,
        TLS_1_1 = 3*256 + 1, 
        TLS_1_1 = 3*256 + 2,
        TLS_1_2 = 3*256 + 3,
    } TLS_Version;

    property TLSVersion : u (TLS_Version), readable
        The SSL/TLS version in use, in the form (major byte * 256) +
        minor byte, or 0 if the connection is not using SSL/TLS.
        For instance, TLS 1.1 is 3*256 + 2 due to its use of { 3, 2 }
        as the ProtocolVersion.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CertificateType : s
        The type of the certificate used to authenticate the server,
        e.g. "x509" or "pgp", as for TLSCertificate, or the empty
        string if a certificate was not used.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

    property CertificateChainData : aay (Certificate_Data[])
        The certificate chain, as for TLSCertificate.

        Change notification is via o.fd.DBus.Properties.PropertiesChanged.

Actually implementing this in Gabble will require some contortions: GNUTLS doesn't tell us the cipher suite, only separate values for the key exchange, cipher and MAC. We could maybe replace CipherSuiteID with separate properties, but I'm really keen to outsource this to something like the IETF TLS registry rather than maintaining enums in Telepathy.

If we port Wocky to GTLS (which we should really), we lose the ability to get this information at all, unless we enhance GTLS...


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.