[xmpp] DNA transport

"Richard L. Barnes" <RBARNES@BBN.COM> Fri, 15 January 2010 17:31 UTC

From: "Richard L. Barnes" <RBARNES@BBN.COM>
To: xmpp@ietf.org
Date: Fri, 15 Jan 2010 12:31:13 -0500
Subject: [xmpp] DNA transport
List-Id: XMPP Working Group <xmpp.ietf.org>

Assuming for the moment that we're going to stick with attribute certs: Rather than using both TLS and some new XML to carry DNA information, why not just hand the attribute certs over as part of the TLS negotiation? That is, carrying XMPP authorization certs seems like a natural application of the TLS authorization extensions [1]. That way, implementations can save on the crypto costs (since tls-authz is reportedly already implemented in OpenSSL, GNUTLS, and NSS), and draft-ietf-xmpp-dna can focus on the AC profile.

--Richard

[1] <http://tools.ietf.org/html/draft-housley-tls-authz-extns-09>