[Standards] Password protected rooms
dave at cridland.net
Thu Feb 12 10:57:49 UTC 2009
On Wed Feb 11 18:45:34 2009, Justin Karneges wrote:
> There are quite many XMPP services (bots and such) that you
> authenticate with
> just by JID. Why would those things be okay, but MUC is somehow
> more secure
> and requires a password?
Well, yes - in a perfect world, we'd sign stanzas with X.509
certificates, and it's that thinking that makes me want to use X.509
as our identity basis now.
I think it's not *yet* practical to go down that road, though - I
don't think XML canonicalization libraries exist in sufficient
quantity, and I don't think we want to demand that stanzas are signed
individually yet. (I'd love to be proven wrong on this).
But in a year or so, this might become a practical option, in which
case pubsub nodes, MUC rooms, and bots can simply "require signing"
somehow, and all will be right with the world.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards