[Summit] TLS s2s interconect hackfest
stpeter at stpeter.im
Wed Jan 27 08:23:33 CST 2010
On 1/27/10 6:25 AM, Dave Cridland wrote:
> On Wed Jan 27 13:03:50 2010, Peter Saint-Andre wrote:
>> On 1/27/10 6:00 AM, Dave Cridland wrote:
>> > On Wed Jan 27 12:44:05 2010, Diana Cionoiu wrote:
>> >> Hello,
>> >> Is there ANYONE interested to test TLS s2s during the Friday hackfest?
>> > We can certainly do that.
>> +1. This is a major gap in testing and deployment, perhaps because it's
>> not visible to users.
> Right, that's true. It's also very easy to get wrong in various weird
> ways. (My favourite remains the case where you decide that the peer
> you're connecting to doesn't have a valid certificate, and therefore
> instead of using the EXTERNAL you're offered, you insist on doing
> dialback to authenticate yourself.)
That is rather strange from the PKI perspective, but it's always seemed
like a good fallback from the XMPP perspective. Or is it? :)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
More information about the Summit