path: root/spec/Channel_Interface_Securable.xml
blob: d9d97139484a71a0f57f53968f5e3dcf630ad381 (plain)
<?xml version="1.0" ?>
<node name="/Channel_Interface_Securable"
  xmlns:tp="http://telepathy.freedesktop.org/wiki/DbusSpec#extensions-v0">
  <tp:copyright>Copyright (C) 2010 Collabora Ltd.</tp:copyright>

  <tp:license xmlns="http://www.w3.org/1999/xhtml">
    <p>This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
      License as published by the Free Software Foundation; either
      version 2.1 of the License, or (at your option) any later version.</p>

    <p>This library is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      Lesser General Public License for more details.</p>

    <p>You should have received a copy of the GNU Lesser General Public
      License along with this library; if not, write to the Free Software
      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
      USA.</p>
  </tp:license>

  <interface name="org.freedesktop.Telepathy.Channel.Interface.Securable">
    <!--
      Securable exposes two read-only boolean properties, Encrypted and
      Verified, that describe the connection a Channel runs over. They
      answer different questions (is the link encrypted / is the peer the
      intended one and the link tamper-protected), so a consumer deciding
      whether to send sensitive data should read both rather than treat
      either one as a general "secure" flag.

      Both are declared tp:immutable="sometimes": a value read once is only
      guaranteed stable on channel types that promise immutability
      (ServerAuthentication is the case named in the docstring below). No
      change-notification signal is declared in this interface.
      NOTE(review): how a change is observed on other channel types is not
      stated here; confirm before caching these values.
    -->
    <tp:added version="0.21.5">as stable API</tp:added>
    <tp:requires interface="org.freedesktop.Telepathy.Channel"/>

    <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
      <p>This interface exists to expose security information about
        <tp:dbus-ref namespace="ofdT">Channel</tp:dbus-ref>s. The two
        properties are sometimes immutable and can be used to make
        decisions on how cautious to be about transferring sensitive
        data. The special case of <tp:dbus-ref
        namespace="ofdT.Channel.Type">ServerAuthentication</tp:dbus-ref>
        channels is one example of where the two properties are
        immutable.</p>

      <p>For example, clients MAY use these properties to decide
        whether the <code>PLAIN</code> mechanism is acceptable for a
        <tp:dbus-ref
        namespace="ofdT.Channel.Interface">SASLAuthentication</tp:dbus-ref>
        channel.</p>
    </tp:docstring>

    <property name="Encrypted"
      tp:name-for-bindings="Encrypted" type="b"
      access="read" tp:immutable="sometimes">
      <!--
        Encrypted=true on its own makes no statement about who the peer is:
        the docstring explicitly excludes man-in-the-middle protection. For
        a mechanism that hands the credential itself to the peer (PLAIN is
        the example the interface docstring gives), a cautious client would
        not accept the channel on Encrypted alone and would also look at
        Verified.
        The rationale records why the flag is still reported separately:
        a SASL mechanism using RFC 5056 channel binding can establish the
        peer's identity during the negotiation, over a link that is
        encrypted but not yet verified.
      -->
      <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
        <p>True if this channel occurs over an encrypted
          connection. This <strong>does not</strong> imply that steps
          have been taken to avoid man-in-the-middle attacks.</p>

        <tp:rationale>
          <p>For future support for <a
              href="http://tools.ietf.org/html/rfc5056">RFC 5056 Channel
              Binding</a> it is desirable to be able to use some SASL
            mechanisms over an encrypted connection to an unverified peer,
            which can prove that it is the desired destination during
            the SASL negotiation.</p>
        </tp:rationale>
      </tp:docstring>
    </property>

    <property name="Verified"
      tp:name-for-bindings="Verified" type="b"
      access="read" tp:immutable="sometimes">
      <!--
        Verified bundles two guarantees in one boolean: tamper protection
        and confirmation that the peer is the intended destination. Per the
        docstring, a certificate "accepted by the user" satisfies it just as
        validation against a configured certificate authority does, so
        Verified=true cannot tell a consumer which of the two happened. A
        policy that needs to distinguish them needs information from
        outside this interface.
        NOTE(review): the text does not say whether Verified=true implies
        Encrypted=true; check both properties rather than assuming it.
      -->
      <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
        <p>True if this channel occurs over a connection that is
          protected against tampering, and has been verified to be with
          the desired destination: for instance, one where TLS was
          previously negotiated, and the TLS certificate has been
          verified against a configured certificate authority or
          accepted by the user.</p>
      </tp:docstring>
    </property>

  </interface>
</node>
<!-- vim:set sw=2 sts=2 et ft=xml: -->