[Operators] Secure Communications Week

Johansson Olle E oej at edvina.net
Fri Aug 15 11:03:50 CDT 2008

15 aug 2008 kl. 18.00 skrev Peter Saint-Andre:

> Johansson Olle E wrote:
>> 15 aug 2008 kl. 17.36 skrev Peter Saint-Andre:
>>> David Horwitz wrote:
>>>> Hi All,
>>>> I just was looking at registering our service at www.xmpp.net Is  
>>>> there  any reason why xmpp@[domain] is not a valid verification  
>>>> address? Being a large university all the other addresses are  
>>>> handled by other departments....
>>> Yes, I know. That policy is set by the root CA we use (StartCom)  
>>> and we don't have any control over it, since we're just an  
>>> intermediate CA.
>> It's the same as for Geotrust's SSL certificates. In order to  
>> confirm your domain, they want you to prove that you are in control  
>> of the mail flow. That's why they only have a short list of pre- 
>> defined mail addresses to choose from.
>> For Geotrust, it's webmaster and sslmaster. Could propably add  
>> "xmppmaster" as well, but that's something that we only can suggest  
>> from the community side.
> For StartCom it's hostmaster, postmaster, and webmaster, in  
> accordance with RFC 2142. RFC 3920 mentions the xmpp@ address, but  
> that it not accepted by StartCom as an official email address. I  
> suppose I could work with them on that. :)

Well, as you have nothing to do, that could be an interesting way to  
spend your time. An alternative could be running against the well a  
few times. I don't know what gives more result, but trying to talk  
with a commercial CA is certainly an interesting experience to tell  
your grand-kids about one evening in front of the  fireplace... Good  

/O ;-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2207 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/operators/attachments/20080815/73d4ddaa/attachment.bin 

More information about the Operators mailing list