[jdev] Re: TLS and self-signed certs

Peter Saint-Andre stpeter at jabber.org
Fri Nov 12 12:29:48 CST 2004

In article <Pine.LNX.4.53.0411121012160.15768 at bluebox.conspiracy.net>,
 maqi at jabberstudio.org wrote:

> On Thu, 11 Nov 2004, Peter Saint-Andre wrote:
> > http://web.amessage.info/news/article/2981 asserts that one cannot use
> > self-signed certs with TLS for securing XMPP streams.
> Quote: "The problem is, that XMPP is not very clear about the usage of
> STARTTLS on dialback-connections". In the following, it is explained why
> TLS+dialback(+self-signed certs) is needed and why TLS+SASL(+CA-signed
> certs) is not feasible at the moment.
> So I think you misunderstood the article...?

Well, I was thinking of this paragraph:

"While this is a good choice to establish coordinates links between 
servers, it does not work for servers, where the administrators did not 
setup the encryption by agreement."

Is that accurate?


More information about the JDev mailing list