[Standards-JIG] Re: FW: [jadmin] ssl between servers
stpeter at jabber.org
Tue Mar 15 16:53:13 UTC 2005
On Tue, Mar 15, 2005 at 07:31:24AM +0200, Stephen Marquard wrote:
> Peter Saint-Andre wrote:
> >On Mon, Mar 14, 2005 at 05:48:32PM -0600, Joe Hildebrand wrote:
> >>One could certainly configure their server such that if you weren't
> >>doing TLS on a S2S connection, the connection gets dropped.
> >Yeah, but I'm just an end user, not a server admin. I want to send a
> >message to you on another server, and I want to know if it will go over
> >an encrypted channel from my server to your server and from your server
> >to your client (presumably I know if my connection to my server is
> >encrypted). Right now I as the end user can't do this.
> I have to think that's of limited use though.
> If you don't trust the two (or more) servers that will handle your
> message, use end-to-end encryption (as even with SSL on c2s on s2s
> links, the servers still have your message in clear text, so a "padlock"
> icon showing that all hops are encrypted is misleading).
True. So we need to gain consensus on an e2e encryption spec.
More information about the Standards