Gary Burd wrote:
A couple of snips from the conversation:
For hosting providers it's usually an up-sell to your
customers to add security
because it's each domain owner's responsibility to
manage their own certificate.
Extra cost and responsiblity can impede XMPP adoption.
Look, if people don't want TLS, we're not forcing them to use it. And
it's not XMPP's fault that getting a TLS certificate involves such
bureaucracy (I blame Verisign for that, really.)
There are other ways to streamline these things, such as making it
easier for people running an XMPP server to get a certificate.
As far as "cost", http://www.cacert.org/ -- use it, love it, urge
everyone to add their root certificate.
TX
