Mercurial > prosody-modules
view mod_s2s_auth_monkeysphere/README.markdown @ 4270:243f7b0dbf35
mod_http_oauth2: Reduce authorization code validity time to 2 minutes
RFC 6749 states
> A maximum authorization code lifetime of 10 minutes is RECOMMENDED.
So 15 minutes was way too long. I was thinking 5 minutes at first but
since this should generally be instant, I settled on 2 minutes as a
large guesstimate on how slow it might be on slow links.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 22 Nov 2020 18:46:25 +0100 |
parents | 8d1141025b43 |
children |
line wrap: on
line source
--- labels: - 'Stage-Alpha' - 'Type-S2SAuth' summary: Monkeysphere certificate checking for s2s --- ## Introduction [Monkeysphere](http://web.monkeysphere.info/) is a project aiming to introduce PGP's web of trust to protocols such as SSH and TLS (which XMPP uses). ## Details This module is currently just a prototype, it has numerous issues and is **not** suitable for production use. ## Compatibility ------- ----------------------------- trunk Works (not tested recently) 0.11 Works (not tested) 0.10 Does not work 0.9 Does not work ------- -----------------------------