[Adium-devl] Ticket #8787 (XMPP cert checking)
Peter Saint-Andre
stpeter at stpeter.im
Thu Jan 10 17:47:28 UTC 2008
Ken Raeburn wrote:
> Interesting... I was going to go off and look into my current problem
> further before bringing it up, but since it's come up on the
> list.... There seem to be similar issues in the Kerberos (SASL)
> authentication -- which name to use, and how SRV versus "connect
> server" configuration affects the matter. (In the Kerberos case, you
> don't get something from the server and then have the option of
> checking it against a set of names. You pick the name to
> authenticate to, and it works, or not. Though I suppose maybe you
> could try twice with different names.) I've only just started
> looking into the specs, though....
Yes, there is a Kerberos issue about how you know the principal name of
the connection manager you've actually connected to. We're working to
address that here:
http://www.xmpp.org/extensions/inbox/domain-based-names.html
That one hasn't even been accepted as an official XMPP Extension
Protocol yet, but should be at the next XMPP Council meeting.
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20080110/9f57f013/attachment.bin>
More information about the devel
mailing list