[Standards] Loopback Authentication

Ralph Meijer jabber.org at ralphm.ik.nu
Thu Feb 1 16:34:09 UTC 2007


On Thu, 2007-02-01 at 09:23 -0700, Peter Saint-Andre wrote:
> Matthias Wimmer wrote:
> 
> > It is all one (already defined) SASL mechanism: EXTERNAL. We also did 
> > not need to define EXTERNAL for authentication using certificates, we 
> > just wrote an informational XEP to help people implementing the existing 
> > standard (RFC 4422, Appendix A).
> 
> Maybe XEP-0178 needs to be clearly labelled as "Best Practices for Use 
> of SASL EXTERNAL with Certificates"? I realize there are other ways to 
> use SASL EXTERNAL, but they are not familiar to me (IPSec etc.).

Yes, that sounds reasonable. On the other hand, we could extend this XEP
to mention other avenues of identity verification as the SASL part is
mostly the same. I'd hate to see different uses of the authorization
identity, for example.

-- 
Groetjes,

ralphm




More information about the Standards mailing list