[Security] TLS Certificates Verification
stpeter at stpeter.im
Tue Aug 19 13:05:04 CDT 2008
Eric Rescorla wrote:
> What Dave is suggesting, I think, would be a garden variety TLS handshake with
> whatever ciphersuites you already support and self-signed certs. Then you'd run
> SASL with some challenge/response protocol and channel bindings (you'd
> almost certainly want mutual auth here) and then on the basis of the C/R
> note that you trusted the peer's self-signed cert.
Yes I think that about sums it up.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/b551ec21/attachment.bin
More information about the Security