[BEEPwg] Name check in BEEP TLS

Steve Hanna shanna at funk.com
Wed Aug 25 13:56:16 PDT 2004

In looking through the description of the TLS
transport security profile in RFC 3080, I expected
to see some information about how the server
certificates are used to perform server authentication.
Something like section 3.1 of RFC 2818. Otherwise,
you just have an armor-plated pipe to an
unknown party.

Is the idea to use SASL after the TLS transport
is up to allow the two peers to authenticate
each other? If so, I hope that authentication
is tied to the TLS session in some way so you
know there's no man in the middle.

Sorry for the newbie questions. I'm considering
proposing BEEP for a new protocol I'm working on
and want to make sure I understand the security
properties. I'll let you know how it comes out.


Steve Hanna
Funk Software

More information about the BEEPwg mailing list