[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Tue Aug 19 12:57:16 CDT 2008


Eric Rescorla wrote:

>  I don't know if XMPP stacks can typically use SASL, so that would presumably be
> relevant to the PSK versus SASL question. And note that again you can just use
> the session cache: you don't need to learn the certs necessarily.

Yes, we use SASL for authentication of a client to a server, and less 
commonly for server-to-server authentication as well. It's all defined 
in Section 6 of RFC 3920.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/920576be/attachment-0001.bin 


More information about the Security mailing list