Eric Rescorla wrote:
I don't know if XMPP stacks can typically use SASL, so that would presumably be relevant to the PSK versus SASL question. And note that again you can just use the session cache: you don't need to learn the certs necessarily.
Yes, we use SASL for authentication of a client to a server, and less commonly for server-to-server authentication as well. It's all defined in Section 6 of RFC 3920.
/psa
smime.p7s
Description: S/MIME Cryptographic Signature
