[Standards-JIG] Depricating DialBack w/ new CA
Peter Saint-Andre
stpeter at jabber.org
Tue Jan 9 13:37:53 CST 2007
JD Conley wrote:
> My vote is to keep it around indefinitely. It fosters federation without
> the headaches of key/cert management. Even with the JSF being a cert
> authority you still have to request the certs, which is a manual and
> tedious process requiring some sort of out of band validation – email,
> etc. TLS (untrusted) + DNS (for trust) + Dialback is good enough
> security for 99% of the people out there.
I'd agree. The CA is an experiment, not a panacea. And it's certainly
not quite ready for prime time.
One could argue that dialback could be moved to a XEP, but I'd prefer to
make it an appendix in rfc3920bis.
/psa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20070109/0d7ecdc6/smime.bin
More information about the Standards
mailing list