[Security] TLS Certificates Verification

Jonathan Dickinson jonathanD at k2.com
Wed Aug 20 11:23:35 CDT 2008


> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Jonathan Schleifer
> Sent: Wednesday, August 20, 2008 6:20 PM
> To: security at xmpp.org
> Subject: Re: [Security] TLS Certificates Verification
>
> Jonathan Dickinson <jonathanD at k2.com> wrote:
>
> > ...
>
> This pretty much shows you never used such a technology in real world.
> We actually *HAD* the case that messages got to the wrong resource due
> to one resource going offline etc. and otherwise you would never notice
> something got lost!

Please go easy on the criticism. Try looking at message receipts. <http://www.xmpp.org/extensions/xep-0184.html>

>
> > Having it in a message stanza makes no sense.
>
> As I stated above, it absolutely does.

It depends.

>
> --
> Jonathan


More information about the Security mailing list