On Wednesday 01 March 2006 15:49, Peter Saint-Andre wrote: > Yes, CAcert is great and I've been working with them to get support for > id-on-xmppAddr into their certs. But that doesn't necessarily make it > easier for people who are hosting a *lot* of XMPP domains to support TLS.
SSL/TLS is supposed to be end-to-end, in the sense that the client and server are the ends. Even if two domains are hosted at the same hosting service, I would definitely not condone sharing of the private key unless the domains are intimately related (e.g., they are owned by the same customer account). -Justin
