[xmppwg] Review of draft-meyer-xmpp-sasl-cert-management-01
dave at cridland.net
Mon Mar 23 08:08:00 CDT 2009
On Mon Mar 23 12:31:46 2009, Eric Rescorla wrote:
> On Mon, Mar 23, 2009 at 5:25 AM, Dave Cridland <dave at cridland.net>
> > On Mon Mar 23 11:52:45 2009, Eric Rescorla wrote:
> >> Well, obviously, it's a simple matter of programming, but there
> >> a fair amount of daylight between "disastrously tricky" and
> >> inconvenient".
> > For XMPP - which, I repeat, this document addresses - this is
> > "straightforward".
> To be blunt, I'm not convinced.
Then feel free to ask the implementors on either standards at xmpp.org
or jdev at xmpp.org - the most involved part of the code to do this
would be writing code to track what certificate was used to
authenticate which session - the actual termination would be trivial,
and is *very* likely to already exist, since the vast majority of
servers unconditionally terminate existing sessions on conflict, for
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the xmppwg