[jdev] Hosting issues

Steven Peterson stevenpete at gmail.com
Thu Sep 15 18:56:34 CDT 2005

> The forced host name is not  relevant to TLS, just like the IP address 
> that it resolves to.  All that matters is the desired Jabber domain.  Users
> have a bad enough time trying to determine whether or not something is
> secure, and adding further rules/exceptions would only make it worse.

The rules can be hidden from the user.  If a user forces a server,
then the client application can accept either the cert for the forced
server or for the user's domain.

More information about the JDev mailing list