[Members] [Fwd: [Operators] XMPP ICA update]

Wed Sep 9 11:07:42 CDT 2009

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/9/09 10:04 AM, Arc Riley wrote:
> StarCom is, and has, offered class 1 certificates for free.  These
> certificates only verify valid domain ownership, not the identity of the
> person or organization claiming to own it.
> 
> So apparently they will just be expanding their free certificate
> offering from web and mail to xmpp as well.

Good summary.

> On Wed, Sep 9, 2009 at 11:59 AM, Nicolas Vérité
> <nicolas.verite at gmail.com <mailto:nicolas.verite at gmail.com>> wrote:
> 
>     Sorry, I don't undertand all the implications:
>     Does this mean that the XSF will stop distributing free ICA? (I
>     understand so)

Yes.

>     Will StarCom charge for their CA? (how much?)

Not for Class 1. If you want a Class 2 cert, you will need to provide
identity verification information. This might be required in order to
obtain a wildcard cert.

>     Will the process be simplified for admins worlwide? (should we
>     document more/better?)

I think it will be simpler.

>     I do understand that we still encourage other CA to do XMPP also:
>     Have you heard of such CA? 

Not yet.

> (will there be real competition?)

I sure hope so.

>     And last but not least:
>     Can we draw figures of self-signed certificates before, and really
>     ICA/CA signed after, in order to compare and have an idea of the
>     success of this operation? (even simple figures, personnal estimations
>     with 50% error would fit)

That sounds like a lot of work, especially because we never did any
surveys of deployment before the XMPP ICA was started.

Peter

- --
Peter Saint-Andre
https://stpeter.im/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqn0s4ACgkQNL8k5A2w/vxI1QCeNReIx3CCqWwjSzOq/AzLjzq5
84gAn0S8gYlfy4T2oyymMYLR2NAZyvlv
=99P9
-----END PGP SIGNATURE-----