[Standards-JIG] Deprecating DialBack w/ new CA
stpeter at jabber.org
Tue Jan 9 19:37:53 UTC 2007
JD Conley wrote:
> My vote is to keep it around indefinitely. It fosters federation without
> the headaches of key/cert management. Even with the JSF being a cert
> authority you still have to request the certs, which is a manual and
> tedious process requiring some sort of out of band validation – email,
> etc. TLS (untrusted) + DNS (for trust) + Dialback is good enough
> security for 99% of the people out there.
I'd agree. The CA is an experiment, not a panacea. And it's certainly
not quite ready for prime time.

One could argue that dialback could be moved to a XEP, but I'd prefer to
make it an appendix in rfc3920bis.