[JDEV] Security in XMPP/Jabber: some questions
Robert Norris
rob at cataclysm.cx
Sun May 25 19:33:09 CDT 2003
> if we take a closer look about SASL there's kerberos, tsl - that is
> the ietf version of netscape's ssl ver 3 , GSSAPI - i've to admit that
> i didnt understand this mechanism much , s/key and external mechanisms
> of authentication... and my question is, why not a simple
> authentication using the pki and based on certification authorities?
Mostly because it requires a PKI, which not everyone has easy access to.
Of course, this kind of thing is still possible - TLS + certificatie
authentication + SASL EXTERNAL will do the job just nicely.
We cater to all worlds if we use both TLS and SASL.
Rob.
--
Robert Norris GPG: 1024D/FC18E6C2
Email+Jabber: rob at cataclysm.cx Web: http://cataclysm.cx/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://www.jabber.org/jdev/attachments/20030526/64fbfa1b/attachment-0002.pgp>
More information about the JDev
mailing list