[jdev] Second-guessing dns for s2s
Tijl Houtbeckers
thoutbeckers at splendo.com
Sat Sep 24 20:24:15 CDT 2005
On Sun, 25 Sep 2005 02:55:09 +0200, David Waite <dwaite at gmail.com> wrote:
> On 9/24/05, Matt Tucker <matt at jivesoftware.com> wrote:
>> Tijl,
> <snip>
>> > While requiring a signed certificate is a step up, it is only
>> > a small step up. They are still unknown servers you are talking
>> > to, thus unknown certificates.
>>
>> That's the point of a CA. If a CA signs a cert, that means you should
>> trust it. No security is perfect, but the CA system is the bedrock of
>> internet security. I don't particularly like how the CA system works,
>> but that's another issue.
>
> Right - certificate chains are chains of trust, ownership of a cert is
> meant as proof of identity. By trusting a CA you are saying that CA is
> trusted for authentication, like how you would delegate authentication
> to a LDAP within your domain.
Wrong - ask any CA if they want to be held responsible for what people do
with the certificates that get handed out to them. They'll say: hell no.
The only thing they try to sell you on is that when one of those
certificates is used (for example to enable encryption) you can be pretty
damned sure (I doubt that even the CAs will try and convince you it's 100%
sure, not CAcert nor any of the others) it was registered by who/whatever
the certificate says it is registered to. That's it folks; how badly you
want to put your trust in the person/organization listed there is your
own responsibility, and any CA will tell you that.
In the case of open dialback/SASL, that means putting your trust in
complete strangers. I don't know about you, but that's not how I typically
run the LDAP server for a domain.