Hi,

Johansson Olle E wrote:
> There are several phone clients for IM, the most recent one I
> discovered being MobileChat for iPhone, that builds on a model where I
> have to trust them with my credentials for my jabber service. I
> don't.

Same here. :)

> And if I do trust them, then change my mind, I have to ask my XMPP
> server manager to change my password or do it myself, then just hope
> that it's going to work out for the best. Then I have to change
> password stored in all my clients and devices. There's nothing on the
> web site that helps me to evaluate the trust I should put in them and
> their service.

A XEP to change the password would help you avoid contacting the admin. Sounds like something very useful to me.

> Now, if I could issue a client cert for them, signed with my user
> cert, I could revoke that in the server and still keep all my other
> credentials valid.

That is a very, very nice idea. The client could create a certificate (maybe self-signed) and you upload it to the XMPP server to use this. There already is XEP-0178 on how to use certificates instead of passwords.

This is also a very good idea for how to handle a bot if the device is stolen or hacked: I could just remove the certificate.

Outline for a XEP: Changing User Credentials

1. A client can add a certificate (self-signed or not does not matter) to the server to use for SASL-EXTERNAL. The verification that this is the correct certificate is out of the scope of that XEP. Each certificate is combined with a name that can not be changed later. This makes it possible for the user to know which clients can log in, and the "not changeable" prevents a bad client from renaming itself.

2. A client can remove a certificate at any time. Clients with that certificate can not log in anymore. Optional: if a client is logged in right now it is kicked out. A server must keep track of how a client used SASL.

3. A client can change the password for the account. To do that it needs the old password. This prevents a compromised client with a certificate from locking me out of my account.

If I do not trust a client anymore I use my password to remove that client and I'm done. I like that.

Dirk
--
Never put off until tomorrow what you can do the day after.
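To make the three rules of the outlined XEP concrete, here is an added in-memory model of the server-side account logic (example code written for this thread, not part of the discussion or of any XMPP server): certificate names are immutable once bound, removing a certificate kicks the sessions that authenticated with it (so the server records the SASL mechanism per session), and a password change needs the old password, so a client that only holds a certificate cannot lock the owner out. The `Account`/`Session` classes, the fingerprint strings and the passwords are constructed for the example; certificate verification is out of scope here, as in the outline.

```python
from dataclasses import dataclass, field
import hmac

@dataclass
class Session:
    """A live connection and how it authenticated; rule 2 needs this record."""
    sid: str
    method: str           # "PLAIN" (password) or "EXTERNAL" (client certificate)
    cert_name: str = ""   # name of the certificate used, if EXTERNAL
    alive: bool = True

@dataclass
class Account:
    password: str
    certs: dict = field(default_factory=dict)      # cert name -> fingerprint (constructed)
    sessions: list = field(default_factory=list)

    def add_cert(self, name: str, fingerprint: str) -> None:
        """Rule 1: bind a certificate to a name that can never be changed or reused."""
        if name in self.certs:
            raise ValueError(f"certificate name {name!r} is already taken")
        self.certs[name] = fingerprint

    def login(self, sid: str, method: str, password: str = "", fingerprint: str = "") -> Session:
        """Open a session, recording which SASL mechanism (and which cert) was used."""
        if method == "PLAIN" and hmac.compare_digest(password, self.password):
            s = Session(sid, "PLAIN")
        elif method == "EXTERNAL" and fingerprint in self.certs.values():
            name = next(n for n, fp in self.certs.items() if fp == fingerprint)
            s = Session(sid, "EXTERNAL", cert_name=name)
        else:
            raise PermissionError("authentication failed")
        self.sessions.append(s)
        return s

    def remove_cert(self, name: str) -> list:
        """Rule 2: drop the certificate and kick every session that logged in with it."""
        del self.certs[name]
        kicked = [s for s in self.sessions if s.cert_name == name]
        for s in kicked:
            s.alive = False
        return [s.sid for s in kicked]

    def change_password(self, old: str, new: str) -> None:
        """Rule 3: old password required, so a stolen certificate alone cannot lock the owner out."""
        if not hmac.compare_digest(old, self.password):
            raise PermissionError("old password required")
        self.password = new
```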
