[jdev] steps to complete tls negotiation

Norman Rasmussen norman at rasmussen.co.za
Wed Aug 9 17:41:22 CDT 2006

On 8/10/06, Norman Rasmussen <norman at rasmussen.co.za> wrote:
> On 8/9/06, ali <marslan.ali at gmail.com> wrote:
> > Yes i have gone through Use of TLS section of RFE3920 and can't understand
> > these two points how to implement them progrmatically i am programming in
> > VB.Net
> >
> >         The initiating entity MUST validate the certificate presented by
> >        the receiving entity
> >
> > i want to know the why to read the certificate presented by jabber.com
> >
> If you want to do this then you need to implement ICertificatePolicy
> on a new class and set ServicePointManager.CertificatePolicy to an
> instance of your class.

btw: if you don't do this, the .Net framework will do a standard sense
check for you (i.e. checks expiry date, names match, CA is known)

You would need to implement ICertificatePolicy to check the
certificate's "id-on-xmppAddr" value (not sure how), but everything
else should work out-of-the-box.

- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/

More information about the JDev mailing list