[Operators] wildcard cert

Peter Saint-Andre stpeter at stpeter.im
Mon Feb 22 12:43:32 CST 2010

On 2/22/10 11:27 AM, Jesse Thompson wrote:

> We might as well stick with this clusterf*ck until xmpp-dna or
> xmpp-delegate is implemented.

Oh, and even then you're going to require a certificate, no? The point
of DNA or _xmpp-delegate or whatever solution the XMPP WG comes up with
is to handle the case of delegation (e.g., Google Apps is hosting my
domains) or the case of adding multiple domains to an existing
connection via attribute certificates. And the attribute cert stuff is
going to require a lot of man hours -- new features in OpenSSL or the
like, an admin-friendly and open-source tool to generate attribute certs
because otherwise it will be really hard, best practice docs, READMEs,
etc. Who is going to do all that work? TANSTAAFL, folks.


Peter Saint-Andre

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20100222/dc6d76ba/attachment-0001.bin>

More information about the Operators mailing list