Last Call Review of draft-kille-ldap-xmpp-schema-06

Request Review of draft-kille-ldap-xmpp-schema
Requested revision No specific revision (document currently at 10)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2017-09-27
Requested 2017-08-30
Authors Steve Kille
I-D last updated 2017-09-21
Completed reviews:
  Genart Last Call review of -06 by Stewart Bryant
  Secdir Last Call review of -02 by Yoav Nir
  Opsdir Last Call review of -06 by Joel Jaeggli
  Secdir Last Call review of -06 by Yoav Nir
Assignment Reviewer Yoav Nir
State Completed
Request Last Call review on draft-kille-ldap-xmpp-schema by Security Area Directorate Assigned
Reviewed revision 06 (document currently at 10)
Result Ready
Completed 2017-09-21
The original review is pasted below.

I've reviewed version -06 and all my concerns have been addressed.
Original review:

The document defines a couple of OIDs for associating a Jabber ID with an LDAP
object.  As such, it is very short and straightforward. I'm not too happy with
the Security Considerations section, which I'll quote here in its entirety:

"This schema enables publishing for XMPP JIDs, and care should be taken to
ensure that this information is not accessed inappropriately."

This is rather generic, and it's true for any piece of information stored
anywhere.  If that is all there is to say, the section might as well read "This
document only registers OIDs and has no special security considerations."

However, I think there is a point that may need to be mentioned. Using this
extension links a JID, which is a personal identifier that often appears on the
public Internet (much like an email address), to an LDAP object, which is
usually limited to an organization, usually the employer of that person. This
linkability only exists for people who have access to the LDAP server, so it's
just that users have to take the same care with JIDs that they do with email
addresses - if you don't want your XMPP messages linked to your employer, or
linked to you by your employer, it is better to use a private JID that is not
linked to your employer's LDAP.

This advice to users may be out of scope, but I would like to see a mention
that JIDs are generally public and pseudonymous, and this links them to a real
person within an LDAP domain.