[jadmin] trusted federation
Philipp Hancke
fippo at goodadvice.pages.de
Fri Jan 18 11:11:51 CST 2008
Peter Saint-Andre wrote:
>> But with XMPP we have dialback to verify sender. It works now really
>> well.
>
> Aha, I had not thought of it that way.
>
> In a way, TLS+dialback is similar to what people already accept in a
> protocol such as ssh. How many of you server admins independently check
No. TLS+dialback is more like calling the machine admin to verify the
fingerprint every time you connect.
> the fingerprint when you connect to a new unix machine? Probably not
> many. But if the fingerprint changes for the next session then that
> raises a red flag. We could do something similar with s2s connections.
> But that would require better reporting in existing implementations. I'm
> not yet sure what form that reporting might take, but I think that would
> be good to explore.
If a server encounters a self-signed certificate, it may log that event
and ask the admin to approve the certificate. If the admin does that,
the certificate may even be used for sasl external afterwards.
Not that I know of any servers that implement that. But RFC3920 does not
forbid it.
That mechanism could even be automated to verify any new certificate
using dialback... if anyone considers that a good idea.
More information about the JAdmin
mailing list