[Standards-JIG] Deprecating DialBack w/ new CA

Peter Saint-Andre stpeter at jabber.org
Tue Jan 9 19:37:53 UTC 2007


JD Conley wrote:
> My vote is to keep it around indefinitely. It fosters federation without 
> the headaches of key/cert management. Even with the JSF being a cert 
> authority you still have to request the certs, which is a manual and 
> tedious process requiring some sort of out of band validation – email, 
> etc. TLS (untrusted) + DNS (for trust) + Dialback is good enough 
> security for 99% of the people out there.

I'd agree. The CA is an experiment, not a panacea. And it's certainly 
not quite ready for prime time.

One could argue that dialback could be moved to a XEP, but I'd prefer to 
make it an appendix in rfc3920bis.

/psa

