[Security] Hosted solutions - client/user certs

Johansson Olle E oej at edvina.net
Sun Aug 24 05:22:57 CDT 2008


On 24 Aug 2008, at 11:33, Dirk Meyer wrote:

> Dirk Meyer wrote:
>> That is a very, very nice idea. The client could create a certificate
>> (maybe self-signed) and you upload it to the XMPP server to use
>> this. There already is XEP-0178 how to use certificates and not
>> passwords. This is also a very good idea about how to handle a bot if
>> the device is stolen or hacked: I could just remove the certificate.
>>
>> Outline for a XEP: Changing User Credentials
>>
>> 1. A client can add a certificate (self-signed or not does not matter)
>>   to the server to use for SASL-EXTERNAL. The verification that this
>>   is the correct certificate is out of the scope of that XEP. Each
>>   certificate is combined to a name that can not be changed
>>   later. This makes it possible for the user to know what clients can
>>   log-in and the "not changeable" prevents a bad client from renaming
>>   itself.
>>
>> 2. A client can remove a certificate at any time. Clients with that
>>   certificate can not log in anymore. Optional: if a client is logged
>>   in right now it is kicked out. A server must keep track of how a
>>   client used SASL.
>>
>> 3. A client can change the password for the account. To do that it
>>   needs the old password. This prevents a compromised client with a
>>   certificate to lock me out of my account.
>>
>> If I do not trust a client anymore I use my password to remove that
>> client and I'm done.
>
> Maybe it is a stupid idea, but we may already have 1. and 2. There is
> XEP-0178 using PubSub to upload keys. The PubSub server is part of the
> server in most cases. If it is, the server can search the PubSub nodes
> for certificates used by SASL-EXTERNAL.
>

I don't know enough about PubSub to comment on that, but it sure sounds
like a useful idea. Anyone else?

/O 

