[Summit] TLS s2s interconect hackfest

Dave Cridland dave at cridland.net
Wed Jan 27 07:25:26 CST 2010


On Wed Jan 27 13:03:50 2010, Peter Saint-Andre wrote:
> On 1/27/10 6:00 AM, Dave Cridland wrote:
> > On Wed Jan 27 12:44:05 2010, Diana Cionoiu wrote:
> >> Hello,
> >>
> >> Is there ANYONE interested to test TLS s2s during the Friday  
> hackfest?
> >
> > We can certainly do that.
> 
> +1. This is a major gap in testing and deployment, perhaps because  
> it's
> not visible to users.
> 
> 
Right, that's true. It's also very easy to get wrong in various weird  
ways. (My favourite remains the case where you decide that the peer  
you're connecting to doesn't have a valid certificate, and therefore  
instead of using the EXTERNAL you're offered, you insist on doing  
dialback to authenticate yourself.)


> > I can bring along a CA, too.
> 
> Handy to have a CA in one's back pocket, eh? ;-)

Well, I'll make one on a laptop, actually, but yes.

Everyone needs a full X.500 infrastructure on their laptop.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the Summit mailing list