[Security] TLS Certificates Verification
jonathanD at k2.com
Tue Aug 19 16:22:35 CDT 2008
> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Eric Rescorla
> Sent: Tuesday, August 19, 2008 11:22 PM
> To: XMPP Security
> Subject: Re: [Security] TLS Certificates Verification
> On Tue, Aug 19, 2008 at 2:19 PM, Jonathan Schleifer
> <js-xmpp-security at webkeks.org> wrote:
> > "Eric Rescorla" <ekr at rtfm.com> wrote:
> >> ...
> And your theory is that designing a new crypto protocol, a job we
> know from very painful experience to incredibly difficult, is somehow
> not reinventing? Please.
Can we cut this thread?
We now know that ESessions and OTR are probably not viable options. What else can we try out?
More information about the Security