[Standards] [Fwd: I-D Action:draft-melnikov-digest-to-historic-00.txt]

Peter Saint-Andre stpeter at stpeter.im
Wed Sep 12 15:19:06 UTC 2007

Jonathan Chayce Dickinson wrote:
> Or, alternatively, what I said before, is that the SSL/TLS be two way, that
> is both the client and the server present certificates (SASL EXTERNAL).

TLS + SASL EXTERNAL is also mandatory-to-implement. But how many people
have or use X.509 certificates? I seem to be just about the only person
who signs their email with such a certificate on this list, or even on
the security-related IETF lists. If even members of the IETF security
mafia don't eat their own dogfood, I don't see how we can expect the
average Jabber user to do so.


Peter Saint-Andre

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070912/9001a61b/attachment.bin>

More information about the Standards mailing list