[jdev] virtual hosting and certificate checking
stpeter at jabber.org
Wed Mar 1 17:49:51 CST 2006
-----BEGIN PGP SIGNED MESSAGE-----
> Gary Burd wrote:
>> A couple of snips from the conversation:
>>> For hosting providers it's usually an up-sell to your
>>> customers to add security
>>> because it's each domain owner's responsibility to
>>> manage their own certificate.
>> Extra cost and responsiblity can impede XMPP adoption.
> Look, if people don't want TLS, we're not forcing them to use it.
Well, but we want people to use TLS. If it's too difficult, then we'll
have a less secure network. And that seems like a Bad Thing even if it's
not our fault.
> There are other ways to streamline these things, such as making it
> easier for people running an XMPP server to get a certificate.
> As far as "cost", http://www.cacert.org/ -- use it, love it, urge
> everyone to add their root certificate.
Yes, CAcert is great and I've been working with them to get support for
id-on-xmppAddr into their certs. But that doesn't necessarily make it
easier for people who are hosting a *lot* of XMPP domains to support TLS.
Jabber Software Foundation
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
More information about the JDev