[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Mon Aug 18 16:14:25 CDT 2008


David Banes wrote:
> I'll hover here and chip in, we went through all of this with CipherIM 
> our proprietary Im client in the late 90's 'til 2001.
> 
> We did end up generating a key pair at client install time (including 
> testing password strength with a little feedback 'progress bar' ) and 
> then storing the public part of our keys on the client domains server. 
> It all worked fine. We setup SSL client -> server, then generated a one 
> time symmetric key for each session.
> 
> I did write all this up earlier, happy to re-post if I can find it.

Sure, that'd be great!

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080818/04200ca5/attachment.bin 


More information about the Security mailing list