[Members] Lets Encrypt and XMPP

Ben Schumacher bschumac at cisco.com
Wed Dec 3 16:51:32 UTC 2014


Simon-

You might want to jump on the mailing list for ACME and chime in on the 
debate, if you have opinions. You can find details here:

https://www.ietf.org/mailman/listinfo/acme

Simon-

You might consider joining the ACME mailing lists which is actively 
discussing the topic of how validation might work. If you're interested 
in providing feedback on what is the best way to proceed.

https://www.ietf.org/mailman/listinfo/acme

At any rate, I think it's a pretty awesome project and look forward to 
seeing where it goes.

Thanks,
Ben


On 12/3/14 1:35 AM, Simon Tennant wrote:
> It turns out that a good friend of mine
> (https://www.eff.org/about/staff/seth-schoen) at the EFF was working on
> the wire protocol for Lets Encrypt [and couldn't say anything about it
> for the last 6 months].
>
> Two weeks ago I reached out to him about supporting XMPP.
>
> Here's his answer:
>
>     > Last night at the XMPP Standards Foundation board meeting we discussed how
>     > (and with whom we should talk?) we could add support for XMPP servers to
>     > validate their domains.
>
>     Thanks!  There's a pretty big debate going on right now about validation
>     and cert issuance for non-HTTPS protocols.
>
>     I think the best summary is that it's going to be hard enough to launch
>     with HTTPS validation, so people should do the HTTPS validation step
>     with a web server (we can even provide a dummy one -- I'm working on
>     code for that now) and then load that into other services.  Eventually
>     the Let's Encrypt CA can figure out whether we want to officially
>     directly support issuance of certs based on TLS verification of things
>     other than HTTPS, but right now software will accept the same cert for
>     multiple services (unless we can figure out a way to prevent it from
>     doing so), so you can get the cert for your (possibly ephemeral) HTTPS
>     server and then deploy it in your XMPP server.
>
>
> S.
>
> --
> Simon Tennant | Founder & CEO | Buddycloud <http://buddycloud.com> | +49
> 17 8545 0880



More information about the Members mailing list