[jdev] x509 client authorization
Justin Karneges
justin-keyword-jabber.093179 at affinix.com
Sun Mar 28 12:22:33 CST 2004
I have been able to authenticate using x509, but between servers. It's the
same for clients though.
If you do it, just make sure you follow the standard, which is to provide the
certificate via the TLS handshake, and use the SASL "EXTERNAL" mechanism to
signify that the cert is to be used for authentication. This is all part of
XMPP 1.0.
You mention jabberd, but not the version. You'll have better luck with this
in jabberd2, as it already supports XMPP 1.0. I don't recommend trying to
retrofit this onto jabberd1.
-Justin
On Sunday 28 March 2004 4:00 am, Ian Stokes-Rees wrote:
> I am interested to contributing to effort to put x509 client
> authorization into jabberd. I have a fair bit of experience with x509
> digital certificates. I just want to link up with whoever might have
> already begun this effort.
>
> Cheers,
>
> Ian.
More information about the JDev
mailing list