Re: [Beepcore-java-users] sample BEEP client/server with TLS/SASL for authentication/transport secur
Status: Beta
Brought to you by:
huston
Menu
▾
▴
Re: [Beepcore-java-users] sample BEEP client/server with TLS/SASL for authentication/transport security
|
From: David B. <da...@ve...> - 2004-11-09 13:37:03
|
On Nov 8, 2004, at 10:26 PM, dave harris wrote: > Am looking for the sample code for the above. > Also, I've these questions: > 1. After going thro' the RFC for TLS, it supports both authentication=20= > and transport > =A0=A0 level security. Can I just use the TLS profile to support both = in=20 > my Beep implementation? Sure. Of course, to use TLS for authentication (at least, two way=20 authentication) you will need clients to have certificates. > 2. I also read in SASL that it's not a good idea to use SASL=20 > authentication on top > =A0=A0 of TLS security? Huh? SASL/PLAIN *requires* TLS. There is no problem using SASL=20 authentication on top of TLS. > BAsically, am in confused state now as to how I can use the security=20= > profiles in > BEEP. Right now, beepcore-java only ships with two SASL profiles: ANONYMOUS=20 and OTP, neither of which are particularly enhanced by TLS, but you=20 should be able to use both over TLS if you wished. There are pending patches on sourceforge for adding more SASL support. =20= So far, no one has had time to integrate them. -- David Blacka <da...@ve...> Sr. Engineer Verisign Applied Research |
