[jdev] virtual hosting and certificate checking
Justin Karneges
justin-keyword-jabber.093179 at affinix.com
Wed Mar 1 18:41:24 CST 2006
On Wednesday 01 March 2006 15:49, Peter Saint-Andre wrote:
> Yes, CAcert is great and I've been working with them to get support for
> id-on-xmppAddr into their certs. But that doesn't necessarily make it
> easier for people who are hosting a *lot* of XMPP domains to support TLS.
SSL/TLS is supposed to be end-to-end, in the sense that the client and server
are the ends. Even if two domains are hosted at the same hosting service, I
would definitely not condone sharing of the private key unless the domains
are intimately related (e.g., they are owned by the same customer account).
-Justin
More information about the JDev
mailing list