prosody-modules
bd3ff802d883
mod_s2s_auth_posh/README.md

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_s2s_auth_posh/README.md @ 6120:bd3ff802d883

mod_anti_spam: Fix another traceback for origin sessions without an IP This is likely to be the case for stanzas originating from local hosts, for example (so not true s2s). It should be safe to bypass the IP check for those.
author Matthew Wild <mwild1@gmail.com>
date Sat, 28 Dec 2024 21:02:08 +0000
parent 6003:fe081789f7b5
line wrap: on
line source

---
labels:
- 'Type-S2SAuth'
---

Introduction
============

[PKIX over Secure HTTP (POSH)][rfc7711] describes a method of
securely delegating a domain to a hosting provider, without that hosting
provider needing keys and certificates covering the hosted domain.

# Validating

This module performs POSH validation of other servers. It is *not*
needed to delegate your own domain.

# Delegation

You can generate the JSON delegation file from a certificate by running
`prosodyctl mod_s2s_auth_posh /path/to/example.crt`. This file needs to
be served at `https://example.com/.well-known/posh/xmpp-server.json`.