[Members] Lets Encrypt and XMPP
simon at buddycloud.com
Wed Dec 3 08:35:17 UTC 2014
It turns out that a good friend of mine (
https://www.eff.org/about/staff/seth-schoen) at the EFF was working on the
wire protocol for Lets Encrypt [and couldn't say anything about it for the
last 6 months].
Two weeks ago I reached out to him about supporting XMPP.
Here's his answer:
> Last night at the XMPP Standards Foundation board meeting we discussed how
> > (and with whom we should talk?) we could add support for XMPP servers to
> > validate their domains.
> Thanks! There's a pretty big debate going on right now about validation
> and cert issuance for non-HTTPS protocols.
> I think the best summary is that it's going to be hard enough to launch
> with HTTPS validation, so people should do the HTTPS validation step
> with a web server (we can even provide a dummy one -- I'm working on
> code for that now) and then load that into other services. Eventually
> the Let's Encrypt CA can figure out whether we want to officially
> directly support issuance of certs based on TLS verification of things
> other than HTTPS, but right now software will accept the same cert for
> multiple services (unless we can figure out a way to prevent it from
> doing so), so you can get the cert for your (possibly ephemeral) HTTPS
> server and then deploy it in your XMPP server.
Simon Tennant | Founder & CEO | Buddycloud <http://buddycloud.com> | +49 17
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Members