[Security] TLS Certificates Verification

Jonathan Dickinson jonathanD at k2.com
Tue Aug 19 16:22:35 CDT 2008


> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Eric Rescorla
> Sent: Tuesday, August 19, 2008 11:22 PM
> To: XMPP Security
> Subject: Re: [Security] TLS Certificates Verification
>
> On Tue, Aug 19, 2008 at 2:19 PM, Jonathan Schleifer
> <js-xmpp-security at webkeks.org> wrote:
> > "Eric Rescorla" <ekr at rtfm.com> wrote:
> >
> >> ...
>
> And your theory is that designing a new crypto protocol, a job we
> know from very painful experience to incredibly difficult, is somehow
> not reinventing? Please.

Can we cut this thread?

We now know that ESessions and OTR are probably not viable options. What else can we try out?

>
> -Ekr

- JonathanD


More information about the Security mailing list