GitLab

phenomenon

The current implementation of SSL/TLS in python-nbxmpp uses CA certificates for PKI mechanism. There is currently 141 CA certificates in cacerts.pem in Gajim, any of these CA can sign certificate which can used to do MiTM attack on any XMPP servers. There have been instances where Certificate Authorities have issued fraudulent certificates: Comodo DigiNotar TurkTrust

background analysis

The SCRAM-SHA-1-PLUS authentication mechanisms RFC 5802 supports channel binding to the TLS channel. So any tampering with TLS connection will cause authentication failure, allows to detect MiTM attack.

implementation recommendation

Server jabber.org supports SCRAM-SHA-1-PLUS authentication mechanisms, so it can be used for testing of the implementation.

SSL in Python 3.3 supports Channel binding data http://docs.python.org/3/library/ssl.html#ssl.SSLSocket.get_channel_binding