[Standards] Loopback Authentication
stpeter at jabber.org
Thu Feb 1 16:52:50 UTC 2007
Ralph Meijer wrote:
> On Thu, 2007-02-01 at 09:23 -0700, Peter Saint-Andre wrote:
>> Matthias Wimmer wrote:
>>> It is all one (already defined) SASL mechanism: EXTERNAL. We also did
>>> not need to define EXTERNAL for authentication using certificates, we
>>> just wrote an informational XEP to help people implementing the existing
>>> standard (RFC 4422, Appendix A).
>> Maybe XEP-0178 needs to be clearly labelled as "Best Practices for Use
>> of SASL EXTERNAL with Certificates"? I realize there are other ways to
>> use SASL EXTERNAL, but they are not familiar to me (IPSec etc.).
> Yes, that sounds reasonable. On the other hand, we could extend this XEP
> to mention other avenues of identity verification as the SASL part is
> mostly the same. I'd hate to see different uses of the authorization
> identity, for example.
I'd be happy to incorporate other scenarios into XEP-0178 once we figure
out what those are. :-)
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards