[Operators] requiring channel encryption

Jonathan Schleifer js-xog at webkeks.org
Thu May 1 08:13:37 CDT 2008


Jesse Thompson <jesse.thompson at doit.wisc.edu> wrote:

> Yes, I agree with that.  But you give the vast majority of users too 
> much credit when you assume that they know they should be using TLS. 
> Most users blindly assume that the service administrator or client 
> developer will not give them something that isn't secure.

You're right. Maybe we should agree that s2s TLS is as c2s TLS. Both
should be mandatory, otherwise there's always a hole where messages 
could be intercepted.

-- 
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/operators/attachments/20080501/d8d88d97/attachment.pgp 


More information about the Operators mailing list