On Tue, 03.05.2016 at 12:34 -0700, user
li...@lazygranch.com wrote:
> I'm not following you here. You still have encryption with a self
> signed cert, but no trust. But if you can't trust yourself, who else
> can you trust? 

If you have a reliable way of distributing your certificate, then yes.
But then you are acting as a CA, so why not use a real one?

But if you just accept whatever cert the server provides you with (like
most people connecting to a self-signed service), then you have no more
protection than on an unencrypted connection.

> On public wifi without the self signed cert, the conversation could
> be read, not to mention login credentials.

Using a man-in-the-middle attack, even the encrypted conversation could
be read - see the scenario above with accepting the server-provided cert.

And the default configuration of jabberd2 is not to allow plain text
passwords on an unencrypted channel, so you cannot read the login

> Take "letsencrypt" for example. Prior to adding their certificates to
> my root store, I could still get encryption, provided I let my
> browser go ahead. I just could trust the website identity. 

But you are not sure of the identity. You could as well trust the man-in-
the-middle proxying your communication and posing as the website.

> The Hong Kong Post Office is a CA, but I don't really trust them. ;-)

They passed the audit checking whether they reliably verify the
credentials before signing certs.

> But xmpp doesn't have the downgrade option. 

You do not need to downgrade to an unencrypted channel. A MITM can as well
proxy an encrypted connection on both sides, decrypting/encrypting on
the fly, as long as clients accept self-signed certs blindly, without
consulting the CA registry.

 /o__ Documentation is like sex: when it is good, it is very, very good; and
(_<^' when it is bad, it is better than nothing.
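The three trust models argued over in this thread (CA-verified, cert reliably distributed out of band, and "accept whatever the server sends"), as an added example that is not from the original mail or from jabberd2; it assumes a direct-TLS connection rather than XMPP STARTTLS, and the host, port and fingerprint are placeholders:

```python
import hashlib
import hmac
import socket
import ssl


def ca_verified_context() -> ssl.SSLContext:
    """Trust only certs chaining to a CA in the system store, with hostname check."""
    return ssl.create_default_context()


def blind_context() -> ssl.SSLContext:
    """Accept whatever cert arrives: encryption, but no authentication of the peer.
    A MITM proxying TLS on both sides is indistinguishable from the real server here."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def is_authenticating(ctx: ssl.SSLContext) -> bool:
    """True when the context will actually reject an unverified peer."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def cert_fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def verify_pinned(der_cert: bytes, expected_fingerprint: str) -> bool:
    """Pinning: the 'reliable way of distributing your certificate' case.
    The client proceeds only if the presented cert is exactly the one the
    operator handed out by some trusted channel (constant-time comparison)."""
    return hmac.compare_digest(cert_fingerprint(der_cert), expected_fingerprint.lower())


def pinned_handshake(host: str, port: int, expected_fingerprint: str) -> str:
    """Connect without CA validation, then refuse to talk unless the pin matches.
    Returns the negotiated cipher name on success. host/port/fingerprint are placeholders."""
    ctx = blind_context()  # validation is done by the pin check below, not by a CA
    with socket.create_connection((host, port)) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            if not verify_pinned(der, expected_fingerprint):
                raise ssl.SSLCertVerificationError("peer cert does not match pinned fingerprint")
            return tls.cipher()[0]
```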
