[jdev] Re: TLS and self-signed certs

David Waite dwaite at gmail.com
Fri Nov 12 15:21:25 CST 2004

I doubt someone arguing that ssh is more widely used (either in terms
of traffic or in terms of users) than SSL/TLS, or even than just the
https usage of SSL/TLS, would be taken very seriously.

If Jabber servers had started with S2S defaulting to SSL, then trusted
issuers would be the only way to make the server administration scale.
Since we did not, servers really can only require SSL in environments
where you are pairing with a limited number of other servers; for
these environments, using manually entered self-signed certificates is
usually the way to go.

-David Waite

On Fri, 12 Nov 2004 11:36:12 -0700, Peter Saint-Andre
<stpeter at jabber.org> wrote:
> Precisely. And one can argue that ssh is the most-used encryption
> technology on the planet. Perhaps "opportunistic cryptography" is not a
> bad model to follow? Even the IETF seems to be moving in the direction
> of recognizing reality on this issue -- see the "Better Than Nothing
> Security" BOF at IETF 61 this week:
> http://www.financialcryptography.com/mt/archives/000247.html#more
> Peter
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mail.jabber.org/mailman/listinfo/jdev

More information about the JDev mailing list