[Standards-JIG] certificate and private key retrieval

maqi at jabberstudio.org maqi at jabberstudio.org
Wed Mar 17 15:03:08 UTC 2004


On Tue, 16 Mar 2004, Ian Paterson wrote:

[Use hashed passwd in place of passwd for login, use passwd for key
encryption, store key on server]
> All of this would allow public key encryption to be 100% transparent to the
> users.
> The key pair could be generated by the client when the account is created
> and sent to the XMPP server.

AFAICS this would break external authentication. For example, say a new
Jabber server gets installed and shall authenticate users against
/etc/passwd. No chance to get this going using your method as there's no
way to compare a SHA1 hash of a password against a crypt/md5 hash (of the
same password).

Regards
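
The mismatch described in the message above, as an added example that is not part of the original post: a server that only ever receives SHA1(password) cannot check it against a salted entry of the kind kept in /etc/passwd, because that check needs the plaintext. The `$demo$` scheme, the round count and the sample password are constructed stand-ins, not the real crypt or md5-crypt algorithms.

```python
import hashlib
import hmac
import os

ROUNDS = 1000  # constructed value; real crypt schemes define their own


def sha1_login_token(password):
    """What the client would send under the proposal: hex SHA1(password)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def _salted_md5(salt, secret):
    # Simplified stand-in for a salted, iterated crypt-style hash.
    digest = hashlib.md5(salt + secret.encode("utf-8")).digest()
    for _ in range(ROUNDS):
        digest = hashlib.md5(digest + salt).digest()
    return digest.hex()


def make_passwd_entry(password, salt=None):
    """Build a '$demo$<salt>$<hash>' entry, as the system would at passwd time."""
    salt = os.urandom(8) if salt is None else salt
    return "$demo$%s$%s" % (salt.hex(), _salted_md5(salt, password))


def verify_against_passwd(entry, presented):
    """External authentication: re-hash what was presented with the stored salt."""
    _, scheme, salt_hex, stored = entry.split("$")
    if scheme != "demo":
        raise ValueError("unknown scheme")
    candidate = _salted_md5(bytes.fromhex(salt_hex), presented)
    return hmac.compare_digest(candidate, stored)


def demo():
    password = "correct horse"  # constructed sample password
    entry = make_passwd_entry(password)
    token = sha1_login_token(password)
    return {
        # Server that sees the plaintext can authenticate externally.
        "plaintext_login": verify_against_passwd(entry, password),
        # Server that only sees SHA1(password) cannot: the hashes never match.
        "sha1_token_login": verify_against_passwd(entry, token),
    }


if __name__ == "__main__":
    print(demo())
```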


