> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Dave Cridland > Sent: Wednesday, August 20, 2008 12:59 PM > To: XMPP Security > Subject: Re: [Security] TLS Certificates Verification > > On Wed Aug 20 11:22:46 2008, Jonathan Dickinson wrote: > > You could also use SASL External... > > > > > This is quite sensible, although unrelated, if you're suggesting what > I think you might be.
Indeed. > > ... > > I have no idea what you're talking about here, however. > Somehow the user would have different certificates for different resources. This would allow me to assert that jack sent the message and he is at home. More appropriately, if I have 15 killer robots I could give them different resources, but the same bare JID. I would then be able to tell for sure which the message came from (e.g. Arnold manages to catch one and starts impersonating it, but the others are still secure). You could just give each a completely different JID, but somehow this has some attractive properties. > Dave. > -- > Dave Cridland - mailto:[EMAIL PROTECTED] - xmpp:[EMAIL PROTECTED] > - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ > - http://dave.cridland.net/ > Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
