[Security] S2S Leap of faith w/ SASL EXTERNAL
stpeter at stpeter.im
Fri Nov 19 09:25:31 CST 2010
On 11/19/10 8:22 AM, Stephen Paul Weber wrote:
> On Wed, Nov 17, 2010 at 19:51, Kim Alvefur <zash at zash.se> wrote:
>> Imagine a server with a self signed certificate.
> Why is a production server using a self-signed certificate? StartSSL
> will give personal sites and some others a cert for free. Others can
> either get one pretty cheap, or we could convince the XMPP community
> to support CACert.
Given that I used to run the XMPP CA, I heartily agree that it's easy
enough for people to obtain certificates.
Either the admins are too lazy to do so or, in the case of large hosting
services, there are operational difficulties.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6105 bytes
Desc: S/MIME Cryptographic Signature
More information about the Security