[xmppwg] Review of draft-meyer-xmpp-sasl-cert-management-01

Dave Cridland dave at cridland.net
Mon Mar 23 08:08:00 CDT 2009


On Mon Mar 23 12:31:46 2009, Eric Rescorla wrote:
> On Mon, Mar 23, 2009 at 5:25 AM, Dave Cridland <dave at cridland.net>  
> wrote:
> > On Mon Mar 23 11:52:45 2009, Eric Rescorla wrote:
> >>
> >> Well, obviously, it's a simple matter of programming, but there  
> is
> >> a fair amount of daylight between "disastrously tricky" and  
> "fairly
> >> inconvenient".
> >
> > For XMPP - which, I repeat, this document addresses - this is
> > "straightforward".
> 
> To be blunt, I'm not convinced.

Then feel free to ask the implementors on either standards at xmpp.org  
or jdev at xmpp.org - the most involved part of the code to do this  
would be writing code to track what certificate was used to  
authenticate which session - the actual termination would be trivial,  
and is *very* likely to already exist, since the vast majority of  
servers unconditionally terminate existing sessions on conflict, for  
example.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the xmppwg mailing list