[Security] TLS Certificates Verification
js-xmpp-security at webkeks.org
Thu Aug 21 07:16:28 CDT 2008
Am 21.08.2008 um 09:56 schrieb Jonathan Dickinson:
> 1. Explain the process to the user.
> 2. Download CA and IC certs and install. Download revocation lists
> and merge.
> 3. Create certificate with password.
> 4. Ask IC to sign cert.
> 5. [Skippable] Place the certificate on a thumbdrive and configure
> the program to read it from there.
> 6. [Skippable] Back the certificate up to either CD-RW (recommended)
> or XMPP server (if we can figure that one out).
> 7. Explain to the user how they can set up an encrypted messaging
> 8. Finish
You have to be kidding. No average user will ever do that. Look at
Gajim: The only thing the user needs to verify is a short SAS. And
even that seems to me too much for some people. So how can you have 8
steps when even a short SAS is already too much for some?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080821/f02601fa/attachment.pgp
More information about the Security