Hi, In the thread Thread 'Hosted solutions - client/user certs' started by Johansson Olle E. the idea of client cert with SASL came up.
I want to use a new client. I do not trust that client for its life-time. E.g. a mobile phone can get stolen. It would be nice if this client can log into my account without having my password. XEP-0178 defines SASL-EXTERNAL but it is unclear where the certificate comes from. Here a small idea how it could work: 1. I create a certificate with my new client 2. I upload a client certificate to the XEP-0189 pubsub node. Either with a different client or with the new one and it should not store the password I use for login. 3. The XMPP server has access to the pubsub node, in fact, the pubsub node is part of the server. 4. The client logs into the network using SASL-EXTERNAL and its certificate. 5. The server sees the certificate in my pubsub node and grands access. 6. The device gets stolen and I remove the certificate. The client can log in anymore. This sounds strait forward to me but some stuff is important: 1. Once I remove a certificate and the client is still loged in, the server MUST terminate the stream or the bad client can add its certificate again. 2. Who is allowed to add a certificate? Right now all my clients are. Is this a problem if a client with certificate can add another? A bad client can add others before it gets disconnected. Again: is this a problem? We could use the signature stuff again. Only clients signed with my user key can log in. But that will make things a bit complicated for server developer. BTW, if a bad client removes all certificates except its own, you still have control because you always have the password login. Comments on that? And where to put it? XEP-0189? XEP-0178? A new XEP? And a question for server developer: how complicated is it to add a feature like this? Dirk -- My Other car is a beater (On the back of a beater).
