[Security] Hosted solutions - client/user certs
Johansson Olle E
oej at edvina.net
Sun Aug 24 05:22:57 CDT 2008
24 aug 2008 kl. 11.33 skrev Dirk Meyer:
> Dirk Meyer wrote:
>> That is a very, very nice idea. The client could create a certificate
>> (maybe self-signed) and you upload it to the XMPP server to use
>> this. There already is XEP-0178 how to use certificates and not
>> passwords. This is also a very good idea about how to handle a bot if
>> the device is stolen or hacked: I could just remove the certificate.
>> Outline for a XEP: Changing User Credentials
>> 1. A client can add a certificate (self-signed or not does not
>> to the server to use for SASL-EXTERNAL. The verification that this
>> is the correct certificate is out of the scope of that XEP. Each
>> certificate is combined to a name that can not be changed
>> later. This makes it possible for the user to know what clients can
>> log-in and the "not changable" prevents a bad client from renaming
>> 2. A client can remove a certificate at any time. Clients with that
>> certificate can not log in anymore. Optional: if a client is logged
>> in right now it is kicked out. A server must keep track on how a
>> client used SASL.
>> 3. A client can change the password for the account. To do that it
>> needs the old password. This prevents a compromised client with a
>> certificate to lock me out of my account.
>> If I do not trust a client anymore I use my password to remove that
>> client and I'm done.
> Maybe it is a stupid idea, but we may already have 1. and 2. There is
> XEP-0178 using PubSub to upload keys. The PubSub server is part of the
> server in most cases. If it is, the server can search the PubSub nodes
> for certificates used by SASL-EXTERNAL.
I don't know enough about PubSub to comment on that, but it sure sounds
like a useful idea. Anyone else?
More information about the Security