[Standards] [Fwd: I-D Action:draft-melnikov-digest-to-historic-00.txt]
stpeter at stpeter.im
Wed Sep 12 15:19:06 UTC 2007
Jonathan Chayce Dickinson wrote:
> Or, alternatively, what I said before, is that the SSL/TLS be two way, that
> is both the client and the server present certificates (SASL EXTERNAL).
TLS + SASL EXTERNAL is also mandatory-to-implement. But how many people
have or use X.509 certificates? I seem to be just about the only person
who signs their email with such a certificate on this list, or even on
the security-related IETF lists. If even members of the IETF security
mafia don't eat their own dogfood, I don't see how we can expect the
average Jabber user to do so.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards