[Council] JEP-0034

David Waite mass at akuma.org
Thu Jul 25 15:16:30 CDT 2002


I was wondering if you would lead by example ;-)

-1, but only because I _do_ want to see a server-to-server example, or 
an explanation here that such functionality needs to be in a separate JEP.

Note that the features that SASL provides are really only usable for 
enforcing the policy of the server administrator, and provide little 
value to the user. Authentication and SSL on a server to server 
connection means _nothing_ to the user, because the user cannot verify 
within their client that the remote server is authentic (they assume 
so), and have no knowledge that the complete channel to any services or 
users is secure. Authentication is normally not used as validation of 
authenticity as it is in dialback; it is used to verify a correspondance 
to a specific set of identities for access control.

With that said, I think that server-to-server support for SASL is a very 
valuable, even required feature for parties who wish to interconnect, 
but do not wish to be open to the entire network of servers.

-David Waite

Peter Saint-Andre wrote:

>BTW, I vote +1, although I would really like to see a server-to-server
>example in this JEP. Hopefully I won't have to change my vote to -1 in
>order to make that happen. :)
>
>Peter
>
>--
>Peter Saint-Andre
>Jabber Software Foundation
>http://www.jabber.org/people/stpeter.html
>
>On Tue, 23 Jul 2002, Peter Saint-Andre wrote:
>
>  
>
>>Anyone else care to vote on this one? Mike and Oliver have voted +1 but
>>everyone else has been silent so far.
>>
>>Peter
>>




More information about the Council mailing list