[Standards] compliance: cert(s)

Peter Saint-Andre stpeter at jabber.org
Fri Jun 15 13:03:22 CDT 2007


Mridul Muralidharan wrote:
> Justin Karneges wrote:
>> On Thursday 14 June 2007 2:59 pm, Peter Saint-Andre wrote:
>>> Would it be appropriate to recommend that client and server developers
>>> bundle support for the root certificate under which the XMPP ICA issues
>>> domain certificates?
>>
>> The XSF is not in a position to vouch for the trustworthiness of a 
>> certificate authority.  
> 
> +1

The XSF runs the XMPP Intermediate Certification Authority, so I'd hope 
we can trust it. We do not run the root CA upon which the XMPP ICA depends.

>  > At best, you could cite some other organization as being the
>> basis of the recommendation.  For example, a XEP could claim that 
>> StartCom is WebTrust-certified, and is therefore generally accepted as 
>> trustworthy for economic usage over the open internet.
>>
>> That said, I think making a recommendation like this is mostly redundant.
> 
> Yes, if it is trusted, most keystores will already include it as a ca by 
> default.

The certificate for the root CA is included in the Mozilla store, the 
store on various flavors of Linux as well as Mac OS X 10.5. I do not 
know when it might be included on Windows.

Peter

-- 
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20070615/8109db5a/smime.bin


More information about the Standards mailing list