[jdev] Hosting issues
Steven Peterson
stevenpete at gmail.com
Thu Sep 15 18:56:34 CDT 2005
> The forced host name is not relevant to TLS, just like the IP address
> that it resolves to. All that matters is the desired Jabber domain. Users
> have a bad enough time trying to determine whether or not something is
> secure, and adding further rules/exceptions would only make it worse.
The rules can be hidden from the user. If a user forces a server,
then the client application can accept either the cert for the forced
server or for the user's domain.
More information about the JDev
mailing list