[Standards] compliance: cert(s)
m at tthias.eu
Fri Jun 15 15:32:37 CDT 2007
Justin Karneges schrieb:
> The XSF runs an ICA, but that alone is not enough of a reason for XMPP
> developers and users to trust it. The reason the XMPP ICA is interesting is
> because it is under StartCom control, and StartCom is widely trusted. To
> better understand what I mean, just imagine if the XMPP CA was an independent
> root CA. The value comes not from the XSF's booming voice, but from
> StartCom. :)
> Anyway, there's nothing wrong with having a recommendation, and I see you've
> already published new versions of the XEP with it. However, it does come off
> as an advertisement, which is a strange thing to have in a XEP. You could
> just as well advertise Equifax, I'm sure they have a number of XMPP domain
> certificates issued too.
> Right, bundling does have value. The Psi 0.11 release candidate ships the
> StartCom root, for example. However, Psi only does this because Mozilla does
> this. Really, it is important here to realize who is in a position to vouch
> for trust. XSF and Psi are unable do this, but the Mozilla Foundation is,
> and so that's the authority Psi draws from, *not* any XSF recommendation.
+3 ... one for each chapter ...
While I do bundle the StartCom root certificate with jabberd14 as well,
I also do not do this because of any XEP.
Me as well, I would consider it at least very strange if any XEP
advertizes or recommends any certification authority. You also won't
find any recommended CA in RFC 2818 (HTTP over TLS).
Matthias Wimmer Fon +49-700 77 00 77 70
Züricher Str. 243 Fax +49-89 95 89 91 56
81476 München http://ma.tthias.eu/
More information about the Standards