Mercurial > prosody-wiki

changeset 417:880259dc82a8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
DANE \o/
author Kim Alvefur <zash@zash.se>
date Fri, 17 Jan 2014 01:00:12 +0100
parents b95d737dc014
children 31cf9ab1d440
files mod_s2s_auth_dane.wiki
diffstat 1 files changed, 31 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mod_s2s_auth_dane.wiki	Fri Jan 17 01:00:12 2014 +0100
@@ -0,0 +1,31 @@
+#summary S2S authentication using DANE
+#labels Stage-Alpha, Type-S2SAuth
+
+= Introduction =
+
+This module implements DANE as described in 
+[http://tools.ietf.org/html/draft-miller-xmpp-dnssec-prooftype Using DNS Security Extensions (DNSSEC) and DNS-based Authentication of Named Entities (DANE) as a Prooftype for XMPP Domain Name Associations].
+
+However it covers only outgoing server-to-server connections.
+
+= Dependecies =
+
+This module requires a DNSSEC aware DNS resolver.  Prosodys internal DNS 
+module does not support DNSSEC.  Therefore, to use this module, a 
+replacement is needed, such as
+[https://github.com/Zash/luaunbound this libunbound and LuaJIT FFI based one].
+
+= Configuration =
+
+This module has no options.  Just add it to `modules_enabled`;
+
+{{{
+modules_enabled = {
+	...
+	"s2s_auth_dane";
+}
+}}}
+
+= Compatibility =
+
+Requires 0.9 or above.