On 10/16/10 7:13 PM, Kurt Zeilenga wrote: > > On Oct 14, 2010, at 4:32 AM, Dave Cridland wrote: > >> So this means writing a SASL-in-77 spec (not impossible), and >> working on a signing spec (Kurt, with whom I work, proposed >> XEP-0285, but I think we've convinced him into a different >> approach now). > > Well I think I and another colleague have convinced some that an > approach I previously proposed is generally more suitable. :-) That > is, I've long preferred an 'encapsulated' approaches over > 'encapsulating' approaches for a number of reasons. XEP 285 came > about due to some folks pushing back I got from the encapsulated XML > DSIG approach discussed in XEP 274, in particular how XML elements > were referenced from the manifest being signed and the > canonicalization requirements, as well as general dependency on XML > DSIG. > > My current plan is to introduce a 'simplified' encapsulated > specification and then let the community/market decide which to > progress. I hope to have this alternative drafted in the next few > weeks. > > And, yes, this could be used as a way to 'authenticate' authorized > users into rooms (clients can sign the join stanzas, the MUC service > can verify those signatures, and then choose whether to allow the > join or not).
That seems a lot less flexible than SASL, because you're basically allowing only certificate-based authentication. But maybe I'm missing someting about your proposal... Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ JDev mailing list Forum: http://www.jabberforum.org/forumdisplay.php?f=20 Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
