[jdev] Re: TLS and self-signed certs
Neil Stevens
neil at hakubi.us
Thu Nov 18 16:04:03 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 18 November 2004 10:07 am, David Waite wrote:
> Nothing can be done without trust. We are using Verisign today as a
> trusted body for providing correct DNS records and references.
Funny business in DNS is easy to detect. Funny business in certificates is
not.
Trusted third parties in DNS are required. Trusted third parties in
encryption are not.
So I'd rather not see the use of encrypted Jabber connections tied to the
use of a redundant third party.
- --
Neil Stevens - neil at hakubi.us
"The world is a dangerous place to live; not because of the people who
are evil, but because of the people who don't do anything about it."
-- Albert Einstein(?)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFBnRxTf7mnligQOmERAljgAJ0YSKLVtewW46s1idyZtMd/je3z2wCfQ+Ab
Qi92uTEyJcoDLcC4cxv/2q0=
=A1E+
-----END PGP SIGNATURE-----
More information about the JDev
mailing list