-
madmalkav
Cool, back from holidays and MongooseIM guys uploaded the docs for SASL External
-
madmalkav
Uncool, it is hardcoded to use the CN on the certificate as user. Tomorrow I will see if I can get it to work with UID instead
-
Maranda
-ping isode.com
-
Bunneh
Maranda: Ping failed (remote-server-not-found): Server-to-server connection failed: dialback authentication failed
-
Maranda
CN? I personally extract either xmpp addr SANs or email OID in Metronome's implementation for SASL external.
-
madmalkav
Well, MongooseIM just implemented it and only takes the CN
-
madmalkav
And my company is pretty dumb and CN have stupid data
-
Maranda
madmalkav, and what exactly does it expect from the CN?
-
madmalkav
The part before the @ of the xmpp address
-
Maranda
🤦♂ 🤦♂ 🤦♂ 🤦♂
-
madmalkav
But my company, instead of havind CN = userid , have CN=Full Name of the User - UserID
-
madmalkav
Terrible combination
-
Maranda
I have funny feelings in case the server instance serves multiples hosts.✎ -
Maranda
I have funny feelings in case the same instance serves multiples hosts. ✏
-
Maranda
(which is why you should use xmpp addr SANs or E-Mail OIDs as fall back)
-
madmalkav
Yeah, I think they will have to work a lot into making their sasl external implementation more functional, but my boss is pretty interested in getting a PoC working with MongooseIM. I suspect he is going to hire something with Erlang Solutions sooner or later and probably will throw some IM support to the pack
-
madmalkav
XMPP addresses, current certs doesn't have those and I won't expect to get to change that ever. Sure as hell I won't want to be the guy that have to talk to the people that manage that to ask them. But Email OID is a good idea
-
madmalkav
Anyway, time to get some sleep, seey
-
madmalkav
Seeya