[Members] intermediate CA proposal

Peter Saint-Andre stpeter at jabber.org
Tue Nov 7 15:02:46 CST 2006

Matt Tucker wrote:
> Peter,
> Good timing as we're working on overhauling the certificate handling in
> Wildfire at the moment.
>>From what I remember from last week, Starcom has two certificate
> approval processes:
>  1) Email verification for personal certs.
>  2) Fax in photo ID's and documentation for class 2 server certs. 
> Is the latter the process the JSF would undergo, or something different?

My understanding is that we would be issuing Class 1 (personal) certs
through the ICA (based on ability to retrieve mail at an authorized
email address for the relevant domain). I happen to have a Class 2 cert
through StartCom because I went through all the photo ID stuff.

> Questions, comments:
>  * We'd be interested in supporting as much of the cert application
> process through web services as possible. This would make it trivial to
> create cert requests and have them approved from within Wildfire and any
> other XMPP server that implements the required web services.

I don't know the web services status of how StartCom works. I believe
they provide a drop-in website service but not SOAP and such.

>  * Does the JSF need to fully subsidize the certificates? What if it
> defrayed the cost rather than making them free?

It doesn't need to, but I think it's nice.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/members/attachments/20061107/6e110bb7/smime-0001.bin

More information about the Members mailing list