File

mod_s2s_auth_posh/README.markdown @ 3953:2c6d5734ae04

mod_rest: Add JSON mapping of XEP-0128: Service Discovery Extensions Example XEP-0157 payload: { "disco" : { "extensions" : { "http://jabber.org/network/serverinfo" : { "abuse-addresses" : [ "mailto:abuse@shakespeare.lit", "xmpp:abuse@shakespeare.lit" ], "admin-addresses" : [ "mailto:admin@shakespeare.lit", "xmpp:admin@shakespeare.lit" ], "feedback-addresses" : [ "http://shakespeare.lit/feedback.php", "mailto:feedback@shakespeare.lit", "xmpp:feedback@shakespeare.lit" ], "sales-addresses" : [ "xmpp:bard@shakespeare.lit" ], "security-addresses" : [ "xmpp:security@shakespeare.lit" ], "support-addresses" : [ "http://shakespeare.lit/support.php", "xmpp:support@shakespeare.lit" ] } } } }
author Kim Alvefur <zash@zash.se>
date Mon, 23 Mar 2020 19:03:04 +0100
parent 3225:517c7f0333e3
line wrap: on
line source

---
labels:
- 'Type-S2SAuth'
---

Introduction
============

[PKIX over Secure HTTP (POSH)][rfc7711] describes a method of
securely delegating a domain to a hosting provider, without that hosting
provider needing keys and certificates covering the hosted domain.

# Validating

This module performs POSH validation of other servers. It is *not*
needed to delegate your own domain.

# Delegation

You can generate the JSON delegation file from a certificate by running
`prosodyctl mod_s2s_auth_posh /path/to/example.crt`. This file needs to
be served at `https://example.com/.well-known/posh/xmpp-server.json`.