[Standards-JIG] stream:error for dialback with no SASL support
m at tthias.net
Sat Jul 24 18:33:50 UTC 2004
David Waite schrieb am 2004-07-24 12:06:36:
> What does TLS mean without authentication? The idea is to use trusted
> certificates in order to authenticate (hopefully bidirectionally) with
> the other server. I guess I don't see what dialback provides if you
> are using certificates for authentication.
If there is a trusted certificate I do not need Dialback, that's true
... but I do not want to restrict TLS to only accept trusted
certificates (but the admin might request so be configuring the server
to only accept trusted certs).
In my opinion STARTTLS without trusted certs is still useful as it
protects the connection from passive attacks.
Fon: +49-(0)70 0770 07770 http://web.amessage.info
HAM: DB1MW xmpp:mawis at amessage.info
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: Digital signature
More information about the Standards