[guardian-dev] GSoC 2013 proposal: Gibberbot secure file transfers
georg at op-co.de
Wed Feb 27 15:09:19 EST 2013
I would like to suggest that GP stands up as a mentoring organization
for the upcoming Google Summer of Code , with implementing secure
file transfer in Gibberbot/SMACK as the project (feel free to add other
project ideas, though).
Currently, XMPP lacks a way to securely transmit files from one user to
another. Several proposals exist [1-5], but none of them is a finished
standard, and existing implementations are hard to find (so far I only
found Gajim supporting XEP-0116, and Jitsi using SRTP/ZRTP over Jingle).
There are several tasks that need to be accomplished for this:
1. Somebody with a good understanding of crypto handshake protocols
needs to evaluate the proposals and choose which one to implement.
2. Jingle-based file transfers (cleartext, ) need to be implemented
in SMACK (it already supports "regular" file transfers , and their
API should be re-used).
3. Key handshake support needs to be added to SMACK, according to the
4. combine (2) + (3) = encrypted file transfers
5. a Gibberbot frontend needs to be created (I heard one is in the works
Steps 2-5 can be "outsourced" to GSoC students, whereas 1 requires some
effort from the organization.
DISCLAIMER: Of course, I have a personal interest in this affair ;-)
As the project janitor of yaxim  I hope to be able to profit from
encryption support in/with SMACK, so that I can integrate it in my app
as well. Being just a single person, I do not see good chances for being
accepted as a project mentor (and neither do I have the time to
Also, if somebody here knows some Googlers, it could help getting the
 Encrypted Session Negotiation: http://xmpp.org/extensions/xep-0116.html
 Jingle XTLS: http://xmpp.org/extensions/inbox/jingle-xtls.html
 XTLS: http://tools.ietf.org/html/draft-meyer-xmpp-e2e-encryption-02
 E2E Object Encryption: http://tools.ietf.org/html/draft-miller-xmpp-e2e-03
 OTR v3: http://www.cypherpunks.ca/otr/Protocol-v3-4.0.0.html
 Jingle File Transfer: http://xmpp.org/extensions/xep-0234.html
 SI File Transfer: http://xmpp.org/extensions/xep-0096.html
|| http://op-co.de ++ GCS d--(++) s: a C+++ UL+++ !P L+++ !E W+++ N ++
|| gpg: 0x962FD2DE || o? K- w---() O M V? PS+ PE-- Y++ PGP+ t+ 5 R+ ||
|| Ge0rG: euIRCnet || X(+++) tv+ b+(++) DI+++ D- G e++++ h- r++ y? ||
++ IRCnet OFTC OPN ||_________________________________________________||
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 828 bytes
Desc: Digital signature
More information about the Guardian-dev