Hi Peter! Peter Saint-Andre schrieb am 2004-11-11 17:53:30: > > Allowing self signed (or otherwise untrusted) certs with STARTTLS + > > EXTERNAL is opening yourself up for a serious security breach. > Well, that's another story. But that claim on the URL I provided was > that it is technically impossible, not inadvisable from a security > standpoint.
I might have expressed it wrong, but what I wanted to tell is how JD
read it. Sure it is technically possible to use self-signed certificates
for SASL EXTERNAL. And if you do it within your own administrative
domain, you have full security as well (maybe not using really
self-signed certs but certs signed by your own CA).
Tot kijk
Matthias
--
Fon: +49-(0)70 0770 07770 http://web.amessage.info
Fax: +49-(0)89 312 88 654 xmpp:[EMAIL PROTECTED]
signature.asc
Description: Digital signature
_______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mail.jabber.org/mailman/listinfo/jdev
