[Operators] server certs for XMPP and SIP
Daniel Pocock
daniel at pocock.com.au
Fri Jan 27 22:11:34 UTC 2012
I've got two questions:
- what are the specifications for a subjectAltName (SAN) cert that can
be used for both Jabber and SIP?
- which CAs have been reliable in providing such certs?
Background info that I found:
- I understand the certs used to differ (SIP used the dNSName record
type, while Jabber used otherName xmppAddr)
- since the revised RFC 6120, Jabber now supports dNSName, same as SIP
http://tools.ietf.org/html/rfc6120
http://tools.ietf.org/html/rfc6125
- the xmpp.net page found by Google only refers to the StartCom CA:
http://xmpp.org/resources/certificates/
- the wiki page found by Google appears to be concerned with the old
standard:
http://wiki.xmpp.org/web/XMPP_Server_Certificates
- many of the CA web sites just refer to `subjectAltName' or SAN
certificates - they don't advise what type of data (e.g. otherName or
dNSName) they are willing to put in the cert
More information about the Operators
mailing list