[Standards-JIG] Depricating DialBack w/ new CA

Thomas Charron twaffle at gmail.com
Tue Jan 9 19:42:29 UTC 2007


On 1/9/07, Peter Saint-Andre <stpeter at jabber.org> wrote:
>
> JD Conley wrote:
> > My vote is to keep it around indefinitely. It fosters federation without
> > the headaches of key/cert management. Even with the JSF being a cert
> > authority you still have to request the certs, which is a manual and
> > tedious process requiring some sort of out of band validation – email,
> > etc. TLS (untrusted) + DNS (for trust) + Dialback is good enough
> > security for 99% of the people out there.
>
> I'd agree. The CA is an experiment, not a panacea. And it's certainly
> not quite ready for prime time.
>
> One could argue that dialback could be moved to a XEP, but I'd prefer to
> make it an appendix in rfc3920bis.
>

  Also, correct me if I'm wrong, but the prices in the future may be
adjusted depending on many factors.  :-D

-- 
-- Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070109/72c71b6b/attachment.html>


More information about the Standards mailing list