[Operators] Future of XMPP Re: The Google issue

Moonchild moonchild at palemoon.org
Thu Nov 28 13:44:18 UTC 2013


On 28/11/2013 13:44, Solomon Peachy wrote:
> The second is that every XMPP service operator is required to pay for a 
> third-party for a TLS certificate.  This isn't a large cost in absolute 
> terms, but does raise the bar for entry, and represents an ongoing cost.
>  (Anectdotally, most smaller operators, myself included, were using 
> self-signed certs to enable secure C2S credential exhange.)

So what about the Free-of-charge server SSL providers like StartSSL? I'm
using them for a few services (including XMPP) and it doesn't cost me
anything - while still having a valid and verified chain.

Meaning: this (ongoing) cost shouldn't have to be a problem as long as there
is still at least one provider willing to offer free SSL certificates to
small/noncommercial entities, making the argument a purely political one.



More information about the Operators mailing list