[jdev] Consistent JIDs across multiple XMPP servers
Norman Rasmussen
norman at rasmussen.co.za
Fri Apr 4 10:44:47 CDT 2008
On Fri, Apr 4, 2008 at 4:47 PM, Fabio Forno <fabio.forno at gmail.com> wrote:
> On Fri, Apr 4, 2008 at 10:06 AM, Norman Rasmussen
> <norman at rasmussen.co.za> wrote:
>
> > I like this, what about some sort of GPG/PUB-KEY based authentication
> > with the gateway? Also you'd want the "registration" to be temporary
> > only, and it should fall away once the client disconnects (after all
> > it's never going to be seen again). Would just a GPG signed presence
> > be good enough to authenticate and log in to the gateway?
>
> GPG presence is good only if each presence packet has an unique token
> that changes each time, otherwise the gateway will be always
> authorized. For this purpose, one time login, a sequence of
> cryptographically computed authentication tokens should be the best
> solution. When you register with the gateway you pass you jid and the
> one-time auth token, then the gateway uses it for connecting with the
> server and, after the session is gone, the token is useless.
sorry, you mis-read that.. I was talking about the mobile-client to
gateway connection, and not the gateway to master server connection.
(There's no reason to traditionally register with the gateway because
it's a once-off session that could be started with a signed presense)
as to how each gateway will talk back to the master server, that's a
difference issue. I was thinking you could pre-register the GPG key
in the gateway (to jid/pwd/etc) so that knew which external server to
connect to.
--
- Norman Rasmussen
- Email: norman at rasmussen.co.za
- Home page: http://norman.rasmussen.co.za/
More information about the JDev
mailing list