[Standards] compliance: cert(s)

Peter Saint-Andre stpeter at jabber.org
Fri Jun 15 18:03:22 UTC 2007

Mridul Muralidharan wrote:
> Justin Karneges wrote:
>> On Thursday 14 June 2007 2:59 pm, Peter Saint-Andre wrote:
>>> Would it be appropriate to recommend that client and server developers
>>> bundle support for the root certificate under which the XMPP ICA issues
>>> domain certificates?
>> The XSF is not in a position to vouch for the trustworthiness of a 
>> certificate authority.  
> +1

The XSF runs the XMPP Intermediate Certification Authority, so I'd hope 
we can trust it. We do not run the root CA upon which the XMPP ICA depends.

>  > At best, you could cite some other organization as being the
>> basis of the recommendation.  For example, a XEP could claim that 
>> StartCom is WebTrust-certified, and is therefore generally accepted as 
>> trustworthy for economic usage over the open internet.
>> That said, I think making a recommendation like this is mostly redundant.
> Yes, if it is trusted, most keystores will already include it as a ca by 
> default.

The certificate for the root CA is included in the Mozilla store, the 
store on various flavors of Linux as well as Mac OS X 10.5. I do not 
know when it might be included on Windows.


Peter Saint-Andre
XMPP Standards Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070615/8109db5a/attachment.bin>

More information about the Standards mailing list