[standards-jig] Advanced authentication
jabber_dev at hotmail.com
Mon Apr 15 21:44:10 UTC 2002
Glad you have started doing this. I have been meaning to do something very
similar for quite some time now, in fact, I think we discussed SASL support
some time back (when we had a security jig :-))
I have not yet read your proposal, but just curious, any reasons why you
want to propose something 'similar' to SASL? I will try and look at it
sometime later today and hopefully we can get some discussions going.
Thanks for taking the initiative.
>From: Robert Norris <rob at cataclysm.cx>
>Reply-To: standards-jig at jabber.org
>To: standards-jig at jabber.org
>Subject: [standards-jig] Advanced authentication
>Date: Mon, 15 Apr 2002 15:05:11 +1000
>I've put together a proposal called the "Advanced Authentication
>Framework". It is designed to build more complex authentication
>mechanisms than what is currently possible under the jabber:iq:auth
>namespace (eg public key, Kerberos, etc). Kinda like SASL.
>I've also written proposals for plaintext, digest and zero-knowledge
>authentication that sits on top of this framework, and a new one (public
>key), as an example of what we can do with it that can't be done with
>the existing system.
>My motivation for this is that as part of trying to sell Jabber to my
>employer (if I get funding - hopefully next year), it will eventually
>need to do client certificate authentication, since that is way things
>are moving at the moment.
>I'm not submitting it to the council just yet, because I know the
>proposals as they stand are not complete. Also, I want to get some
>comments and discussion to make sure that I am going about this the
>So, if you're interested, I'd appreciate you taking a look, and posting
>some comments to the list:
>Robert Norris GPG: 1024D/FC18E6C2
>Email+Jabber: rob at cataclysm.cx Web: http://cataclysm.cx/
><< attach3 >>
MSN Photos is the easiest way to share and print your photos:
More information about the Standards