[Standards-JIG] Re: mutual auth with SASL
justin-keyword-jabber.093179 at affinix.com
Fri Jun 2 19:13:30 UTC 2006
On Friday 02 June 2006 11:21, Peter Saint-Andre wrote:
> Mutual authentication between client and server would also be cool.
I know you mean client X.509, but before anyone freaks out I just wanted to
say that we certainly have mutual authentication today.
Clients are able to authenticate to the server, we learn this in Jabber
kindergarten. :) And the server can authenticate itself to the client, via
X.509. These have been in common use for years.
> first we need to better define client-side handling of end-user certs
> (and other credentials).
I figured the RFC covered this well enough, but it can't hurt to be more
explicit. What do you think is missing?
More information about the Standards