[standards-jig] Advanced authentication

jsiegle at psu.edu jsiegle at psu.edu
Mon May 6 14:38:08 UTC 2002


On Mon, 6 May 2002, Robert Norris wrote:

> > > So, where do we go from here? I still don't have a problem with AAF as
> > > it stands; I don't see any fundamental flaws in it. Should we be doing
> > > SASL, even though it down essentially the same job, or just continue
> > > refining AAF?
> > 
> > I still think that if there is a way to do it, sticking with SASL is best.
> > I'd be looking for an absolutely must have feature or order of magnitude
> > improvement in order to justify rolling your own system.  Of course, I seem
> > to be in the minority on this view in the Jabber community so you can also
> > take my comment as a single vote and not any group thought.  :)  Many Jabber
> > enthusiasts definitely like rolling their own solutions.
> 
> As I've said, I think the requirements stipulated by SASL are not well
> suited to Jabber, and that AAF does essentially the same job anyway. It
> would take some contortions and hoop jumping to make SASL fit with
> Jabber, effort that I'm not sure is required. It is still possible to
> build any SASL mechanism on top of AAF.
> 
> What do others think? I'd like more than two opinions before I take this
> any further. Or should I take the relative silence about this to mean
> that more complex authentication is not really a need for people?

I have been using dce(uses kerb5) for jabber authentication. I
tried pushing kerberos here many months ago but was pretty much told off
and decided to stop pushing the matter. I wrote a mod_auth_kerberos
module when I was looking at kerberos auth. It uses
user-user(mkreq/rdreq) for the auth. I haven't looked at SASL yet. 
My code is kind of ugly but if I can find it I can throw it your way(if
you are interested).
> 
> Rob.
> 
> -- 
> Robert Norris                                       GPG: 1024D/FC18E6C2
> Email+Jabber: rob at cataclysm.cx                Web: http://cataclysm.cx/
> 

Jonathan Siegle                 Center for Academic Computing
jsiegle at psu.edu                 Penn State University





More information about the Standards mailing list