[Operators] IM Observatory @ xmpp.net

Phil Pennock xmpp-operators+phil at spodhuis.org
Wed Oct 30 21:50:47 UTC 2013


On 2013-10-30 at 10:22 +0100, Thijs Alkemade wrote:
> In my opinion, “trusted” should not mean “can xmpp.net make a connection it
> trusts” but rather “can (most) end users make a connection without certificate
> warnings”. Currently, I’m not aware of any client supporting DANE. (This also
> covers my opinion on CAcert.)

Reasonable, thanks.  "Trusted" might be a poor choice of words, given
than without pinning, history shows that the CA system is already too
vulnerable here, so relying purely upon the CA for _unattended_
operation s2s, where a human would not have an opportunity to review
(unless diligently reviewing logs) may result in false self-assurances
of integrity.

But "the perfect is the enemy of the good" and this is definitely a huge
step forwards, as is the manifesto; so as long as this state is not seen
as the end goal but a worthwhile step, I'm all for it.

> Of course, this is only my own opinion. :) The test should be useful for the
> community, so if the consensus is that DANE’s trust anchor assertions should
> be allowed for showing up as trusted, then I’m willing to change that.

Probably best to just have rough consensus that once a couple of major
clients and a couple of major servers have support, the relevant report
mechanisms can be updated; s2s and c2s could switch independently.

Once a couple have support, and the reporting mechanism shows that this
is sufficient for many, it provides gentle pressure on everyone else
that they're falling behind in not providing the certificate validity
assurance that their users should be able to depend upon.

-Phil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 163 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20131030/388ddff5/attachment.pgp>


More information about the Operators mailing list