[Operators] requiring channel encryption

Jesse Thompson jesse.thompson at doit.wisc.edu
Thu May 1 08:10:42 CDT 2008


Jonathan Schleifer wrote:
> But forcing users to TLS is more important than forcing s2s to use TLS.
> Users who want can still use TLS, but it's not mandatory. I think
> making s2s TLS mandatory first is easier.

Yes, I agree with that.  But you give the vast majority of users too 
much credit when you assume that they know they should be using TLS. 
Most users blindly assume that the service administrator or client 
developer will not give them something that isn't secure.

Jesse
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3340 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/operators/attachments/20080501/d88e402f/attachment-0001.bin 


More information about the Operators mailing list