Domain Name Assertions

The information below is for an old version of the document
Document Type Expired Internet-Draft (xmpp WG)
Last updated 2011-03-14 (latest revision 2010-01-14)
Stream IETF
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Additional Resources
- Mailing list discussion
Stream WG state WG Document
Document shepherd None
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The current authentication process in XMPP requires the XMPP server for a domain to present a certificate that contains that domain's name. This requirement causes several problems in scenarios where XMPP services have been delegated from one domain to another, especially when one domain provides XMPP services for many domains. This document describes an extension to the XMPP authentication process that allows domains to be securely delegated, simplifying authorization in delegation scenarios.


Jonas Lindberg (
Richard Barnes (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)