[Psi-devel] JEP-0070 support
Maciek Niedzielski
machekku at uaznia.net
Fri Jun 30 06:35:38 PDT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Remko Troncon wrote:
>> I don't remember if this was Kev or Remko saying that you treat me as
>> SoC student working for Psi :)
>
> And ... what does it do ? :-)
> In a nutshell, for people who don't like reading JEPs.
The idea is to make HTTP authentication more secure by taking advantage
of strong XMPP authentication.
Instead of providing normal user/password to a website, you provide your
JID and so-called transaction identifier. Then server asks you via XMPP
"oh, it's really you trying to access this site?". If you confirm (in
your XMPP client), you get access to the site.
And I just remembered: This patch implements a bit modified version of
the JEP - Peter was too busy to update the official copy, but he said
he'll do this soon.
- --
Maciek
xmpp:machekku at uaznia.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEpSin7knNPWzAbeURAkasAJ0cFc6gY7JbjvAumseB4N8tzYOILQCfe7w+
5q5lwozBkLfiju79Ea7qQIM=
=MwjR
-----END PGP SIGNATURE-----
More information about the psi-devel
mailing list