[jdev] Re: TLS and self-signed certs
Peter Saint-Andre
stpeter at jabber.org
Fri Nov 12 12:29:48 CST 2004
In article <Pine.LNX.4.53.0411121012160.15768 at bluebox.conspiracy.net>,
maqi at jabberstudio.org wrote:
> On Thu, 11 Nov 2004, Peter Saint-Andre wrote:
>
> > http://web.amessage.info/news/article/2981 asserts that one cannot use
> > self-signed certs with TLS for securing XMPP streams.
>
> Quote: "The problem is, that XMPP is not very clear about the usage of
> STARTTLS on dialback-connections". In the following, it is explained why
> TLS+dialback(+self-signed certs) is needed and why TLS+SASL(+CA-signed
> certs) is not feasible at the moment.
>
> So I think you misunderstood the article...?
Well, I was thinking of this paragraph:
"While this is a good choice to establish coordinates links between
servers, it does not work for servers, where the administrators did not
setup the encryption by agreement."
Is that accurate?
/psa
More information about the JDev
mailing list