[Operators] SSL certificates / private CAs / CACert issue

Jonas Wielicki xmpp-operators at sotecware.net
Sun Dec 16 21:46:31 UTC 2012


Hi Claudiu,

> Fair point, although I find it very hard to believe that anyone nowadays  still runs an email server or Jabber server and hasn't completely turned off plaintext comms. Using plaintext comms for such communication is wrong on so many levels that I don't even want to get into such a discussion.
Agreed on the moral point. However, I'd like to see stats on how many
public services allow plaintext comm and which ratio of those even
accepts plaintext auth over the unencrypted channel.

I, for myself, have enabled unencrypted communications on my XMPP
service, even for s2s. Why? Because the documentation of the server
software I use recommends it to increase interoperability. Because other
servers might reject my fine CACert certifiacte (although I'll look into
StartSSL).

regards,
Jonas W.


More information about the Operators mailing list