[Standards] Loopback Authentication
stpeter at jabber.org
Thu Feb 1 17:04:29 UTC 2007
Matthias Wimmer wrote:
> Peter Saint-Andre schrieb:
>>> Yes, that sounds reasonable. On the other hand, we could extend this XEP
>>> to mention other avenues of identity verification as the SASL part is
>>> mostly the same. I'd hate to see different uses of the authorization
>>> identity, for example.
>> I'd be happy to incorporate other scenarios into XEP-0178 once we
>> figure out what those are. :-)
> I don't think we need them there. EXTERNAL is already fully defined by
> RFC 4422. So XEP-0178 is not that much about EXTERNAL, but about how to
> map/verify certificate identities to valid authorization identites.
> This is something bound to TLS + EXTERNAL. I don't think that other ways
> of using EXTERNAL could reuse that much definitons, that are already
> present in XEP-0178.
> If there is another usage of EXTERNAL, that needs as much thought as TLS
> + EXTERNAL, I'd prefere that we create an additional XEP. But for the
> other use-cases of EXTERNAL we had already in this thread, I don't think
> this is necessary.
OK, that makes sense. I'll modify the title of XEP-0178, then.
Any other feedback on XEP-0178? It's in Last Call now. :-)
One thing we need to clarify is whether we want to use id-on-xmppAddr
for server and component hostnames, or only for end-user JIDs. IMHO it
might be simpler and less confusing to use dnsName fields for server and
component hostnames and not use id-on-xmppAddr at all for those.
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards