From 39dc6b241f901b5ca32583d69503b482d1e32cdf Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Wed, 9 Nov 2022 13:18:20 +0100 Subject: [PATCH 1/2] Pubsub Targeted Encryption: Fix wording and typos --- inbox/pubsub-targeted-encryption.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/inbox/pubsub-targeted-encryption.xml b/inbox/pubsub-targeted-encryption.xml index 996d037cc..04831acbc 100644 --- a/inbox/pubsub-targeted-encryption.xml +++ b/inbox/pubsub-targeted-encryption.xml @@ -42,14 +42,14 @@

This is fine for most use cases, however it may be desirable to only encrypt a few items with properties such as Perfect Forward Secrecy. This specification describes a way on how to do that by adapting existing end-to-end encryption algorithms used in instant messaging to pubsub items. This may be used to implement restricted items (a feature known is some other software such as "aspects" or "circles") or for transient nodes.

-

The design goal of this specification is do adapt simply existing e2e encryption algorithms used for messages to pubsub items.

+

The design goal of this specification is to simply adapt existing e2e encryption algorithms used for messages to pubsub items.

 -

Juliet holds a public blog using &xep0277;. However, she wants to publish a new items that should be visible only to some well targeted users. To do so she encrypt the payload in the same way as she encrypt messages with algorithm such as &xep0384;. She wrap the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with its own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.

-

She decides to use &xep0384; to encrypt her items, her client publish an item like this:

- Juliet holds a public blog using &xep0277;. However, she wants to publish a new items that should be visible only to some well targeted users. To do so she encrypts the payload in the same way as she encrypts messages with an e2e encryption algorithm such as &xep0384;. She wraps the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with her own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.

+

She decides to use &xep0384; to encrypt her items, her client publishes an item like this:

+ @@ -74,11 +74,11 @@ -

The properties of the encryption algorithm applies. For instance in the case of &xep0384;, there Perfect Forward Secrecy, meaning that once an item has been decrypted once by a targeted entity, it can't be decrypted anymore. Client shoud then handle pubsub caching of the decrypted item when necessary.

+

The properties of the encryption algorithm apply. For instance, in the case of &xep0384;, there is the propery of Perfect Forward Secrecy, meaning that once an item has been decrypted once by a targeted entity, it can't be decrypted anymore. Clients should then handle pubsub caching of the decrypted item when necessary.

 -

If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pte:0" discovery feature in response to a &xep0030; information request, Then the supported encryption algorithms are announced as explained in their respective XEPs.

+

If a client supports the protocol specified in this XEP, it MUST advertise it by including the "urn:xmpp:pte:0" discovery feature in response to a &xep0030; information request, furthermore, the supported encryption algorithms are announced as explained in their respective XEPs.

Date: Wed, 9 Nov 2022 14:23:23 +0100 Subject: [PATCH 2/2] Fix another typo --- inbox/pubsub-targeted-encryption.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inbox/pubsub-targeted-encryption.xml b/inbox/pubsub-targeted-encryption.xml index 04831acbc..525c7cbba 100644 --- a/inbox/pubsub-targeted-encryption.xml +++ b/inbox/pubsub-targeted-encryption.xml @@ -47,7 +47,7 @@ -

Juliet holds a public blog using &xep0277;. However, she wants to publish a new items that should be visible only to some well targeted users. To do so she encrypts the payload in the same way as she encrypts messages with an e2e encryption algorithm such as &xep0384;. She wraps the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with her own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.

+

Juliet holds a public blog using &xep0277;. However, she wants to publish a new item that should be visible only to some well targeted users. To do so she encrypts the payload in the same way as she encrypts messages with an e2e encryption algorithm such as &xep0384;. She wraps the encrypted payload in an <encrypted/> element qualified by the 'urn:xmpp:pte:0' namespace which MUST have a 'by' attribute with her own bare jid as value, and which MUST have a 'type' attribute whose value is the namespace of the algorithm used.

She decides to use &xep0384; to encrypt her items, her client publishes an item like this: