[jdev] cert handling in xmpp server implementations
Dave Cridland
dave at cridland.net
Wed May 24 18:10:00 CDT 2006
On Wed May 24 23:49:23 2006, Peter Saint-Andre wrote:
> I haven't started to think about client-side certs much yet, since
> end
> users find them awfully confusing. I think it would be good for
> clients
> to support them, but right now I'm more focused on making sure that
> both
> clients and servers correctly handle server certs (and that we start
> using server certs much more widely).
Well, I think people ought to be authenticating the server. Whether
that's done by placing your trust in Verisign, or by the more direct
mutual authentication provided by SASL mechanisms like DIGEST-MD5,
doesn't really matter so much. For XMPP clients, I'd personally say
that SASL-based mutual auth is a better fit.
Dave.
--
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the JDev
mailing list