Interface Channel.Interface.Securable

Interface Index (Compact) | Summary | Description | Properties

Properties

Encrypted b Read only Sometimes immutable
Verified b Read only Sometimes immutable
Added in 0.21.5. as stable API
Objects implementing this interface must also implement:

Description

This interface exists to expose security information about Channels. The two properties are sometimes immutable and can be used to make decisions on how cautious to be about transferring sensitive data. The special case of ServerAuthentication channels is one example of where the two properties are immutable.

For example, clients MAY use these properties to decide whether the PLAIN mechanism is acceptable for a SASLAuthentication channel.

Properties

Accessed using the org.freedesktop.DBus.Properties interface.
(Permalink)

Encrypted — b

Read only
Depending on the protocol, this property may be immutable which means that it can never change once the channel has been created. Immutable properties SHOULD appear in the channel detail list of NewChannel signals.

True if this channel occurs over an encrypted connection. This does not imply that steps have been taken to avoid man-in-the-middle attacks.

Rationale:

For future support for RFC 5056 Channel Binding it is desirable to be able to use some SASL mechanisms over an encrypted connection to an unverified peer, which can prove that it is the desired destination during the SASL negotiation.

(Permalink)

Verified — b

Read only
Depending on the protocol, this property may be immutable which means that it can never change once the channel has been created. Immutable properties SHOULD appear in the channel detail list of NewChannel signals.

True if this channel occurs over a connection that is protected against tampering, and has been verified to be with the desired destination: for instance, one where TLS was previously negotiated, and the TLS certificate has been verified against a configured certificate authority or accepted by the user.