[Standards] compliance: cert(s)
Peter Saint-Andre
stpeter at jabber.org
Fri Jun 15 13:03:22 CDT 2007
Mridul Muralidharan wrote:
> Justin Karneges wrote:
>> On Thursday 14 June 2007 2:59 pm, Peter Saint-Andre wrote:
>>> Would it be appropriate to recommend that client and server developers
>>> bundle support for the root certificate under which the XMPP ICA issues
>>> domain certificates?
>>
>> The XSF is not in a position to vouch for the trustworthiness of a
>> certificate authority.
>
> +1
The XSF runs the XMPP Intermediate Certification Authority, so I'd hope
we can trust it. We do not run the root CA upon which the XMPP ICA depends.
> > At best, you could cite some other organization as being the
>> basis of the recommendation. For example, a XEP could claim that
>> StartCom is WebTrust-certified, and is therefore generally accepted as
>> trustworthy for economic usage over the open internet.
>>
>> That said, I think making a recommendation like this is mostly redundant.
>
> Yes, if it is trusted, most keystores will already include it as a ca by
> default.
The certificate for the root CA is included in the Mozilla store, the
store on various flavors of Linux as well as Mac OS X 10.5. I do not
know when it might be included on Windows.
Peter
--
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20070615/8109db5a/smime.bin
More information about the Standards
mailing list