[Standards] RFC 3920, 10.2/10.3: subdomain routing rules
tomek at xiaoka.com
Fri Mar 30 14:40:24 UTC 2007
Dnia 29-03-2007, czw o godzinie 15:52 +0200, Matthias Wimmer napisał(a):
> I considered checking destination certificates several times. But what
> would I do if the certificate could not be verified? Don't nail me down
> on the number, but I expect that about 50% of the certificates for my
> peers are invalid. I only seem to have two options:
> - Not peering with them. This would not encourage people to get valid
> certificates. Most admins would probably just stop using TLS at all.
> - Fall back to using dialback. Oh what cool improvement. Because I do
> not trust the certificate I go to transmit stanzas totally in clear.
> Both not very appealing options ...
Or... We could use user-pressure. :-)
What if a server marked all stanzas whether it came over secure channel,
And if clients would show if the conversation you're in is secure or
This could "encourage" server admins to put a proper certificates in
Xiaoka Grp. http://www.xiaoka.com/
More information about the Standards