On Tue, 03.05.2016 at 12:34 -0700, user li...@lazygranch.com wrote:
> I'm not following you here. You still have encryption with a self
> signed cert, but no trust. But if you can't trust yourself, who else
> can you trust?

If you have a reliable way of distributing your certificate, then yes.
But then you are acting as a CA, so why not use a real one?
But if you just accept whatever cert the server provides you with (like
most people connecting to a self-signed service), then you have no more
protection than on an unencrypted connection.

> On public wifi without the self signed cert, the conversation could
> be read, not to mention login credentials.

Using a man-in-the-middle attack, even the encrypted conversation could
be read - see the above scenario with accepting the server-provided cert.
And the default configuration of jabberd2 is not to allow plain text
passwords on an unencrypted channel, so you cannot read the login
credentials.

> Take "letsencrypt" for example. Prior to adding their certificates to
> my root store, I could still get encryption, provided I let my
> browser go ahead. I just could trust the website identity.

But you are not sure of the identity. You could as well trust the
man-in-the-middle proxying your communication and posing as the website.

> The Hong Kong Post Office is a CA, but I don't really trust them. ;-
> )

Why? They passed the audit checking whether they reliably verify the
credentials before signing certs.

> But xmpp doesn't have the downgrade option.

You do not need to downgrade to an unencrypted channel. MITM can as well
proxy an encrypted connection on both sides, decrypting/encrypting on the
fly. As long as clients accept self-signed certs blindly, without
consulting a CA registry.

-- 
/o__ Documentation is like sex: when it is good, it is very, very good; and
(_<^' when it is bad, it is better than nothing.
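The distinction made in the reply above (a self-signed cert distributed over a reliable channel gives you identity; a self-signed cert accepted blindly gives you only encryption, which a proxy re-encrypting on the fly defeats) is easy to see in client code. The following is an added example and is not code from the thread or from jabberd2: it builds the "just accept whatever the server sends" TLS context next to two ways of trusting exactly one out-of-band certificate (loading it as the sole trust anchor, or pinning its SHA-256 fingerprint), using only the Python standard library. The hostname, port and the `connect_with_fingerprint_pin` helper are assumptions for illustration; the byte string used as a stand-in for a DER certificate is constructed, not a real certificate.

```python
"""Added example (not from the original thread or jabberd2): how an XMPP
or any other TLS client can treat a self-signed server certificate.

  blind_context()        accept whatever the server presents. The channel is
                         encrypted, but a man-in-the-middle that terminates
                         TLS on both sides and re-encrypts on the fly passes.
  pinned_context(pem)    trust exactly one certificate obtained out of band;
                         the operator is acting as the CA for that host.
  fingerprint_matches()  the other form of pinning: compare the SHA-256 of
                         the DER certificate the peer actually presented
                         against a value obtained over a trusted channel.

Hostname, port and the connect helper are assumptions for illustration.
"""
import hashlib
import hmac
import socket
import ssl


def blind_context() -> ssl.SSLContext:
    """Encryption only: no CA lookup, no hostname check (the 'click OK' case)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def pinned_context(pem: str) -> ssl.SSLContext:
    """Trust only the certificate in `pem` (the server's own self-signed cert,
    obtained over a trusted channel). Any other certificate, including one
    forged by a MITM, fails the handshake, and the name in the cert must also
    match the hostname passed as server_hostname."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.load_verify_locations(cadata=pem)   # ssl.SSLError if pem holds no certificate
    return ctx


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def fingerprint_matches(der_cert: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the presented cert's SHA-256 against the pin.
    Also accepts the colon-separated upper-case form printed by
    `openssl x509 -fingerprint -sha256`."""
    expected = expected_sha256.replace(":", "").lower()
    return hmac.compare_digest(sha256_hex(der_cert), expected)


def connect_with_fingerprint_pin(host: str, port: int, expected_sha256: str) -> bytes:
    """Open a TLS connection and enforce identity ourselves by fingerprint.
    Returns the peer's DER certificate. A real XMPP client does this after the
    <starttls/> exchange on the already-open stream; a direct-TLS port is
    assumed here to keep the example short."""
    ctx = blind_context()               # the library verifies nothing ...
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)   # DER is returned even with CERT_NONE
            if der is None or not fingerprint_matches(der, expected_sha256):
                raise ssl.SSLCertVerificationError(
                    "peer certificate does not match the pinned fingerprint")
            return der                   # ... so this check is all that stops a MITM


if __name__ == "__main__":
    # Constructed stand-in for a DER certificate (not a real certificate).
    fake_der = b"\x30\x82\x01\x00constructed-certificate-bytes"
    pin = sha256_hex(fake_der)
    assert fingerprint_matches(fake_der, pin)
    assert fingerprint_matches(fake_der, ":".join(pin[i:i + 2] for i in range(0, 64, 2)).upper())
    assert not fingerprint_matches(fake_der, "00" * 32)
    print("blind context verify_mode:", blind_context().verify_mode)   # CERT_NONE
    # connect_with_fingerprint_pin("xmpp.example.org", 5223, pin) would contact a host.
```

Either pinned form is the "reliable way of distributing your certificate" the reply talks about; the difference from a public CA is only who vouches for the binding between name and key. Note that with `blind_context()` the handshake itself gives no signal at all: the fingerprint check after `wrap_socket` is the entire identity verification, so forgetting it leaves exactly the blind-accept behaviour the reply warns about.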