[jdev] Why STARTTLS? [was: IMPORTANT www.jabber.org software listings]
Alexander Gnauck
gnauck at ag-software.de
Mon Feb 25 18:00:19 CST 2008
Jefferson Ogata schrieb:
> How, exactly, do you know? I.e. what specific prenegotiation informs the
> XMPP server which domain certificate to use? Traditional STARTTLS (e.g.
> in ESMTP and LDAP), AFAIK, has no such provision; this would have to be
> an XMPP-specific augmentation.
from the stream header which gets sent before TLS is established.
> And how useful is this? The traditional place where polymorphic
> certificates have been desired is in HTTP servers, where running
> multiple SSL services requires an IP for each.
You can host unlimited vhosts on the same IP with StartTLS which is a
big advantage. XMPP is much nicer in this scenarios than HTTP is.
> Do people actually do this with XMPP as well? Often?
yes they do
Regards,
Alex
More information about the JDev
mailing list