Diff

mod_sasl2_fast/README.md @ 5092:6594e7a9a174

mod_sasl2_fast: Add README
author Matthew Wild <mwild1@gmail.com>
date Mon, 28 Nov 2022 12:06:28 +0000
child 5095:745c7f4cca40
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_sasl2_fast/README.md	Mon Nov 28 12:06:28 2022 +0000
@@ -0,0 +1,31 @@
+---
+labels:
+- Stage-Beta
+summary: "Fast Authentication Streamlining Tokens"
+---
+
+This module implements a mechanism via which clients can exchange a password
+for a secure token, improving security and streamlining future reconnections.
+
+At the time of writing, the XEP that describes the FAST protocol is still
+working its way through the XSF standards process. You can [view the FAST XEP
+proposal here](https://xmpp.org/extensions/inbox/xep-fast.html).
+
+This module depends on [mod_sasl2].
+
+## Configuration
+
+| Name                      | Description                                            | Default               |
+|---------------------------|--------------------------------------------------------|-----------------------|
+| sasl2_fast_token_ttl      | Default token expiry (seconds)                         | `86400*21` (21 days)  |
+| sasl2_fast_token_min_ttl  | Time before tokens are eligible for rotation (seconds) | `86400` (1 day)       |
+
+The `sasl2_fast_token_ttl` option determines the length of time a client can
+remain disconnected before being "logged out" and needing to authenticate with
+a password. Clients must perform at least one FAST authentication within this
+period to remain active.
+
+The `sasl2_fast_token_min_ttl` option defines how long before a token will be
+rotated by the server. By default a token is rotated if it is older than 24
+hours. This value should be less than `sasl2_fast_token_ttl` to prevent
+clients being logged out unexpectedly.