[Standards] Proposed XMPP Extension: Remote Authentication
dave at cridland.net
Thu Dec 2 17:06:28 UTC 2010
On Thu Dec 2 15:47:04 2010, Peter Saint-Andre wrote:
> Another idea: client auto-generates a cert for me and I register it
> my server when I register an account (or after the first login).
If you're reliant on the server to "vouch" for your public key (which
is all the certificate is, here), then you're effectively treating
the server as a kind of quasi-CA - it is asserting that the
certificate is yours.
It also means that remote entities must:
a) Trust your server to make that assertion.
b) Authenticate your server.
However, both are essentially true anyway, aren't they?
We assume that if the server jabber.org says a stanza is from
stpeter at jabber.org, then it's being honest, and we assume that a
server really is jabber.org and able to make that assertion by
authenticating it (either with X.509 or DNS, whichever our server
So my general feeling here is that in terms of authentication, such a
pattern actually gains us nothing. It intuitively *feels* like it
should, of course, but I can't see what it does actually gain.
(FWIW, I wondered for some time about clients generating a CSR and
having servers actually be PKIX CAs, but that equally gains nothing,
except adding lots more exciting-looking X.509).
Of course, if the certificate is signed by a trusted party (ie, a
real CA), then everything changes - the server cannot advertise a
false certificate any longer, so the situation is entirely different.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards