[Standards] Loopback Authentication

Peter Saint-Andre stpeter at jabber.org
Thu Feb 1 16:52:50 UTC 2007


Ralph Meijer wrote:
> On Thu, 2007-02-01 at 09:23 -0700, Peter Saint-Andre wrote:
>> Matthias Wimmer wrote:
>>
>>> It is all one (already defined) SASL mechanism: EXTERNAL. We also did 
>>> not need to define EXTERNAL for authentication using certificates, we 
>>> just wrote an informational XEP to help people implementing the existing 
>>> standard (RFC 4422, Appendix A).
>> Maybe XEP-0178 needs to be clearly labelled as "Best Practices for Use 
>> of SASL EXTERNAL with Certificates"? I realize there are other ways to 
>> use SASL EXTERNAL, but they are not familiar to me (IPSec etc.).
> 
> Yes, that sounds reasonable. On the other hand, we could extend this XEP
> to mention other avenues of identity verification as the SASL part is
> mostly the same. I'd hate to see different uses of the authorization
> identity, for example.

I'd be happy to incorporate other scenarios into XEP-0178 once we figure 
out what those are. :-)

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070201/916990d7/attachment.bin>


More information about the Standards mailing list