[Operators] server reputation

Peter Saint-Andre stpeter at stpeter.im
Tue Apr 22 10:18:50 CDT 2008


Greg Hudson wrote:
> On Mon, 2008-04-21 at 18:05 -0600, Robert Larson wrote:
>> There seems to be a lot of parallels between s2s and email.  When
>> looking at how well the world has adapted SPF and domain keys, I would
>> say the sooner something gets established, the better!
> 
>>From the start, Jabber has had "dialback" which is roughly equivalent to
> SPF, and makes it difficult (requires DNS spoofing) to impersonate
> another domain using s2s.  There is also a drive to make more servers
> use properly verified TLS for s2s connections, which is roughly
> equivalent to domain keys and would make it even harder to impersonate
> another domain using s2s.

Hi Greg, could you expand on what you mean by "properly identified"? In
the terms of XEP-0238, do you mean "encrypted federation" (i.e., TLS +
dialback but potentially with self-signed certificates) or "trusted
federation" (TLS + SASL EXTERNAL with certificates issued by common roots)?

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/operators/attachments/20080422/1c06f8a3/attachment.bin 


More information about the Operators mailing list