[Standards-JIG] Depricating DialBack w/ new CA

JD Conley jd.conley at coversant.net
Wed Jan 10 18:07:35 UTC 2007


I like it because of the features it provides our customers. I hate actually writing the code to make it happen reliably. ;)

> -----Original Message-----
> From: standards-jig-bounces at jabber.org [mailto:standards-jig-
> bounces at jabber.org] On Behalf Of Matthias Wimmer
> Sent: Wednesday, January 10, 2007 2:17 AM
> To: XMPP Extension Discussion List
> Subject: Re: [Standards-JIG] Depricating DialBack w/ new CA
> 
> JD Conley schrieb:
> > My vote is to keep it around indefinitely. It fosters federation
> without
> > the headaches of key/cert management. Even with the JSF being a cert
> > authority you still have to request the certs, which is a manual and
> > tedious process requiring some sort of out of band validation –
> email,
> > etc. TLS (untrusted) + DNS (for trust) + Dialback is good enough
> > security for 99% of the people out there.
> 
> +1
> 
> (Not that I like dialback, but I think we still need it for the above
> reasons.)


More information about the Standards mailing list