[Security] TLS Certificates Verification
Johansson Olle E
oej at edvina.net
Wed Aug 20 00:40:41 CDT 2008
19 aug 2008 kl. 10.09 skrev Jonathan Schleifer:
> But it wasn't analyzed with IM in mind, but stuff like HTTPS or
> IMAPS. For Jabber, we have traffic that is human generated, which
> allows a lot more of attacks. I already named a few of them on the
> standards list.
Whenever we discuss XMPP security, please don't assume it's only for
humans. There's a lot of people using it as an application
infrastructure too.
That said, we can find different solutions for both cases, but we
propably should not exclude one of them.
Just a kind reminder :-)
/O
More information about the Security
mailing list