[jdev] TLS Everywhere
kwadronaut
kwadronaut at autistici.org
Sat Nov 2 16:02:47 UTC 2013
Hi,
On Sun, 27 Oct 2013 21:23:08 -0600, Peter Saint-Andre wrote:
> have drafted a plan for upgrading the XMPP network to always-on,
> mandatory, ubiquitous encryption. You can find it here:
Great to see a movement towards ubiquitous encryption!
Couple of questions:
In the software there is:
> o provide configuration options to require channel encryption for
> client-to-server and server-to-server connections
While deployed:
> o require the use of TLS for both client-to-server and server-to-server
> connections
> o deploy certificates issued by well-known and widely-deployed
> certification authorities (CAs)
While I can see clients wanting to connect to servers that don't follow
that manifesto, the software piece should probably also get a 'It SHOULD
be on by default.' Or maybe MUST?
Question 2 (here I might simply be lacking some knowledge; I'm presuming
some things). At the software side:
> o prefer authenticated encryption (via digital certificates) for server-
> to-server connections; if authenticated encryption is not available, fall
> back to opportunistic encryption with identity verification using Server
> Dialback
Whereas the deployment piece says
> o require the use of TLS for both client-to-server and server-to-server
> connections
Doesn't that exclude Server Dialback? Please help me understand this.
I still have a third question or remark, on the deployment of
certificates issued by 'well-known and widely-deployed CAs.' In short:
I'm not a big fan of them and have my doubts about this. But my ideas
around it still need to hatch out.
Ciao,
kwadronaut
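The second question above turns on two separate properties of a server-to-server link: whether the channel is encrypted (TLS negotiated) and how the peer's identity is verified (a CA-validated certificate, or Server Dialback, XEP-0220, run over that channel). The following model, added here as an illustration and not part of the thread or the XSF manifesto, encodes one reading of the quoted bullets as a policy evaluator: "require TLS" rejects plaintext links, while "prefer authenticated encryption, fall back to opportunistic encryption with Dialback" still accepts a TLS link whose peer is verified only by Dialback. The connection records are constructed sample data, and the two policy objects are assumptions about how the manifesto text maps onto configuration, not normative definitions.

```python
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class Identity(Enum):
    """How the remote server's identity was verified (constructed model)."""

    NONE = "none"                # no verification at all
    DIALBACK = "dialback"        # Server Dialback (XEP-0220) over the channel
    CERTIFICATE = "certificate"  # CA-validated certificate presented in TLS


@dataclass(frozen=True)
class S2SConnection:
    """A sample server-to-server link as seen by the local server."""

    peer: str
    tls: bool          # was TLS negotiated on this stream?
    identity: Identity


@dataclass(frozen=True)
class S2SPolicy:
    """Assumed mapping of the manifesto bullets onto two switches."""

    require_tls: bool        # deployment bullet: refuse plaintext s2s
    require_cert_auth: bool  # stricter than the manifesto: refuse dialback-only


# Reading of the quoted text: TLS is mandatory, Dialback remains an
# acceptable fallback for identity verification (assumption, see lead-in).
MANIFESTO_POLICY = S2SPolicy(require_tls=True, require_cert_auth=False)

# A stricter deployment that only accepts certificate-authenticated peers.
STRICT_POLICY = S2SPolicy(require_tls=True, require_cert_auth=True)


def evaluate(conn: S2SConnection, policy: S2SPolicy) -> tuple[bool, str]:
    """Decide whether to keep an s2s link, and say why."""
    if policy.require_tls and not conn.tls:
        return False, "refused: channel encryption (TLS) is required"
    if conn.identity is Identity.NONE:
        return False, "refused: peer identity is unverified"
    if conn.identity is Identity.DIALBACK and policy.require_cert_auth:
        return False, "refused: dialback-only identity, certificate auth required"
    if conn.identity is Identity.DIALBACK:
        # Encrypted channel, identity proven by Dialback: "opportunistic
        # encryption with identity verification" in the manifesto's words.
        return True, "accepted: opportunistic encryption + Server Dialback"
    return True, "accepted: authenticated encryption via certificate"


# Constructed sample links covering the combinations that matter.
SAMPLE_LINKS = [
    S2SConnection("plain.example", tls=False, identity=Identity.DIALBACK),
    S2SConnection("dialback.example", tls=True, identity=Identity.DIALBACK),
    S2SConnection("ca.example", tls=True, identity=Identity.CERTIFICATE),
    S2SConnection("anon.example", tls=True, identity=Identity.NONE),
]


def summarize(policy: S2SPolicy) -> dict[str, bool]:
    """Map each sample peer to its accept/reject decision under a policy."""
    return {c.peer: evaluate(c, policy)[0] for c in SAMPLE_LINKS}


if __name__ == "__main__":
    for name, pol in (("manifesto", MANIFESTO_POLICY), ("strict", STRICT_POLICY)):
        print(f"--- {name} policy ---")
        for link in SAMPLE_LINKS:
            ok, why = evaluate(link, pol)
            print(f"{link.peer:18} {'OK ' if ok else 'NO '} {why}")
```

Under this reading, requiring TLS does not exclude Dialback; it only removes the plaintext-with-Dialback case. What does exclude Dialback is the separate choice to insist on certificate authentication, which is the stricter setting the manifesto prefers but does not mandate.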