[Operators] Future of XMPP Re: The Google issue
Jesse Thompson
jesse.thompson at doit.wisc.edu
Tue Dec 3 16:24:05 UTC 2013
On 11/28/13, 7:44 AM, Moonchild wrote:
> On 28/11/2013 13:44, Solomon Peachy wrote:
>> The second is that every XMPP service operator is required to pay for a
>> third-party for a TLS certificate. This isn't a large cost in absolute
>> terms, but does raise the bar for entry, and represents an ongoing cost.
>> (Anectdotally, most smaller operators, myself included, were using
>> self-signed certs to enable secure C2S credential exhange.)
>
> So what about the Free-of-charge server SSL providers like StartSSL? I'm
> using them for a few services (including XMPP) and it doesn't cost me
> anything - while still having a valid and verified chain.
>
> Meaning: this (ongoing) cost shouldn't have to be a problem as long as there
> is still at least one provider willing to offer free SSL certificates to
> small/noncommercial entities, making the argument a purely political one.
It's not just monetary costs. It's maintenance costs too. We have 250
email domains. And, our team is not authoritative to obtain/handle
private keys for all of those domains. We've not enabled XMPP for all
of our domains primarily due to the projected cost/hassle with managing
250 certificates for customers.
We need POSH
Jesse
UW-Madison
More information about the Operators
mailing list