[Security] TLS Certificates Verification
Jonathan Schleifer
js-xmpp-security at webkeks.org
Tue Aug 19 03:10:56 CDT 2008
Am 18.08.2008 um 23:27 schrieb Peter Saint-Andre:
> AFAICS, TLS enables us to use PGP keys (experimental, not yet
> supported in all TLS libraries), CA-issued certs, and self-signed
> certs (leap of faith). There's no SAS support in TLS yet but that
> might be developed down the line because, as discussed on the TLS
> list recently, members of the SIP community (and others) are
> interested in that feature.
That still means no implementation has it, thus the advantage of being
able to just use one of the TLS implementations is gone. So we could
as well try to get a cryptanalysis for ESessions for a cheap price and
use Brandan Taylors implementation, for which he already offered to
port it to C so others can use it with nearly no afford at all.
--
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/c634599e/attachment.pgp
More information about the Security
mailing list