prosody-modules
f2363e6d9a64
mod_s2s_auth_monkeysphere/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_s2s_auth_monkeysphere/README.markdown @ 5390:f2363e6d9a64

mod_http_oauth2: Advertise the currently supported id_token signing algorithm This field is REQUIRED. The algorithm RS256 MUST be included, but isn't because we don't implement it, as that would require implementing a pile of additional cryptography and JWT stuff. Instead the id_token is signed using the client secret, which allows verification by the client, since it's a shared secret per OpenID Connect Core 1.0 § 10.1 under Symmetric Signatures. OpenID Connect Discovery 1.0 has a lot of REQUIRED and MUST clauses that are not supported here, but that's okay because this is served from the RFC 8414 OAuth 2.0 Authorization Server Metadata .well-known endpoint!
author Kim Alvefur <zash@zash.se>
date Sun, 30 Apr 2023 16:13:40 +0200
parent 3392:8d1141025b43
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
- 'Type-S2SAuth'
summary: Monkeysphere certificate checking for s2s
---

## Introduction

[Monkeysphere](http://web.monkeysphere.info/) is a project aiming to
introduce PGP's web of trust to protocols such as SSH and TLS (which
XMPP uses).

## Details

This module is currently just a prototype, it has numerous issues and is
**not** suitable for production use.

## Compatibility

  ------- -----------------------------
  trunk   Works (not tested recently)
  0.11    Works (not tested)
  0.10    Does not work
  0.9     Does not work
  ------- -----------------------------