[Security] TLS Certificates Verification

Johansson Olle E oej at edvina.net
Wed Aug 20 00:40:41 CDT 2008


19 aug 2008 kl. 10.09 skrev Jonathan Schleifer:

> But it wasn't analyzed with IM in mind, but stuff like HTTPS or  
> IMAPS. For Jabber, we have traffic that is human generated, which  
> allows a lot more of attacks. I already named a few of them on the  
> standards list.

Whenever we discuss XMPP security, please don't assume it's only for  
humans. There's a lot of people using it as an application  
infrastructure too.
That said, we can find different solutions for both cases, but we  
propably should not exclude one of them.

Just a kind reminder :-)

/O


More information about the Security mailing list