[jdev] Securing XMPP
stpeter at stpeter.im
Thu Aug 29 01:27:18 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 8/28/13 12:42 PM, Olle E. Johansson wrote:
> 28 aug 2013 kl. 18:33 skrev Peter Saint-Andre
> <stpeter at stpeter.im>:
>> DANE/DNSSEC is great for that, or will be when it is more
>> generally available, but IMHO we might need to wait *years* for
>> that to happen.
> Peter, If you keep repeating this statement it will become true...
I don't think stpeter is that powerful. ;-)
> I don't think we're talking so many years here, but it all depends
> on which TLD you're using. In Sweden we've had DNSsec support in
> .SE for many years, we have patches for OpenSSL for DANE and are
> starting to look at code.
And our friends in .jp don't even have DNS SRV support yet!
> I think you should modify this statement that one might need to
> wait years for DANE/DNSsec to be implemented in all TLDs.
It's not just the registrars -- it's the resolvers, the nameservers,
the operating systems, the application software, the clients, the
servers, the distros, etc. There are a lot of moving parts involved.
Just my centigram of silver. ;-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the JDev