[jdev] Why STARTTLS? [was: IMPORTANT www.jabber.org software listings]

Alexander Gnauck gnauck at ag-software.de
Mon Feb 25 18:00:19 CST 2008

Jefferson Ogata schrieb:
> How, exactly, do you know? I.e. what specific prenegotiation informs the 
> XMPP server which domain certificate to use? Traditional STARTTLS (e.g. 
> in ESMTP and LDAP), AFAIK, has no such provision; this would have to be 
> an XMPP-specific augmentation.

from the stream header which gets sent before TLS is established.

> And how useful is this? The traditional place where polymorphic 
> certificates have been desired is in HTTP servers, where running 
> multiple SSL services requires an IP for each.

You can host unlimited vhosts on the same IP with StartTLS which is a 
big advantage. XMPP is much nicer in this scenarios than HTTP is.

> Do people actually do this with XMPP as well? Often?

yes they do


More information about the JDev mailing list