-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Justin Karneges wrote: > On Wednesday 24 May 2006 13:46, Peter Saint-Andre wrote: >> I am working with a certification authority on adding XMPP support to >> the certificates they issue. My contact there wants to know about how >> various jabber/xmpp server implementations handle certificates. That is, >> do the servers operate like Apache (where you install a key, certificate >> and various CA files) or can they handle pkx files (like IIS or Domain >> Controllers of the Microsoft type)? > > Speaking for Ambrosia (which is not very relevant, but...), currently PEM > files are used, but PKCS#12 files (e.g. pkx) sure are convenient. :) It is a > standard format by the way, not a Microsoft-ism, and OpenSSL has supported it > since forever. I plan to support both methods. > > And that will go for Psi too, when specifying a client cert (something I > don't > think you mentioned in either thread?).
I haven't started to think about client-side certs much yet, since end users find them awfully confusing. I think it would be good for clients to support them, but right now I'm more focused on making sure that both clients and servers correctly handle server certs (and that we start using server certs much more widely). Peter - -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.shtml -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEdOLzNF1RSzyt3NURAoUKAKDiBLAiZbDU/kQvLFY80nzm7h0L1ACg41bH 3nyJS57+8Ivu+qMF8aXGJnY= =Vc3S -----END PGP SIGNATURE-----
smime.p7s
Description: S/MIME Cryptographic Signature
