[Security] TLS-SRP Questions
dmeyer at tzi.de
Thu Aug 21 16:34:39 CDT 2008
Kurt Zeilenga wrote:
> On Aug 21, 2008, at 1:38 PM, Jonathan Dickinson wrote:
>>> -----Original Message-----
>>> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
>>> Behalf Of Kurt Zeilenga
>>> Sent: Thursday, August 21, 2008 10:32 PM
>>> To: XMPP Security
>>> Subject: Re: [Security] TLS-SRP Questions
>>> On Aug 21, 2008, at 12:19 PM, Dirk Meyer wrote:
>>> Why would there be any need to otherwise "verify" A's certificate?
>> So B knows who they are talking to ;).
> Does B care to who A is more than its the person that asserted they
> were some jabberid?
Yes, I want mutal trust. Maybe the server is compromised or I do not
have a server (link local messaging). We need trust in both
Black holes are where God divided by zero.
More information about the Security