[Standards] Proposed XMPP Extension: Client Certificate Management for SASL EXTERNAL

Philipp Hancke fippo at goodadvice.pages.de
Thu Dec 4 10:09:06 UTC 2008

XMPP Extensions Editor schrieb:
> The XMPP Extensions Editor has received a proposal for a new XEP.
> Title: Client Certificate Management for SASL EXTERNAL
> Abstract: This specification defines a method to manage client certificates that can be used with SASL External to allow clients to log in without a password.
> URL: http://www.xmpp.org/extensions/inbox/sasl-external-cert-handling.html
> The XMPP Council will decide at its next meeting whether to accept this proposal as an official XEP.

why does the client generate the certificate? Sending a CSR to the
server and signing it there (which may take a long time) seems
easier from the certificate managment point of view. And it results
in a certificate signed by an entity that the server trusts.


More information about the Standards mailing list