[Members] Lets Encrypt and XMPP

Simon Tennant simon at buddycloud.com
Wed Dec 3 08:35:17 UTC 2014


It turns out that a good friend of mine (
https://www.eff.org/about/staff/seth-schoen) at the EFF was working on the
wire protocol for Lets Encrypt [and couldn't say anything about it for the
last 6 months].

Two weeks ago I reached out to him about supporting XMPP.

Here's his answer:

> Last night at the XMPP Standards Foundation board meeting we discussed how
> > (and with whom we should talk?) we could add support for XMPP servers to
> > validate their domains.
>
> Thanks!  There's a pretty big debate going on right now about validation
> and cert issuance for non-HTTPS protocols.
>
> I think the best summary is that it's going to be hard enough to launch
> with HTTPS validation, so people should do the HTTPS validation step
> with a web server (we can even provide a dummy one -- I'm working on
> code for that now) and then load that into other services.  Eventually
> the Let's Encrypt CA can figure out whether we want to officially
> directly support issuance of certs based on TLS verification of things
> other than HTTPS, but right now software will accept the same cert for
> multiple services (unless we can figure out a way to prevent it from
> doing so), so you can get the cert for your (possibly ephemeral) HTTPS
> server and then deploy it in your XMPP server.


S.

-- 
Simon Tennant | Founder & CEO | Buddycloud <http://buddycloud.com> | +49 17
8545 0880
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/members/attachments/20141203/87b86f42/attachment.html>


More information about the Members mailing list