Tobias Klausmann wrote:
Hi!

On Thu, 14 Aug 2008, Peter Saint-Andre wrote:

What do you think?

Principally speaking, I'm all for it.

- Optionally require SSL/TLS for server-to-server connections

This might be a bump since there are server implementations that only support self-signed certs (older jabberds) or are very hairy when it comes to Cert management (Openfire makes me very unhappy in this regard).
How about TLS with self-signed certs + server dialback? At least that would give us channel encryption.
http://wiki.jabber.org/index.php/Secure_Communications_Week

It'd be nice if that page had (links to) howtos for S2S Cert configuration for the usual server implementations (jabberd1/2, ejabberd, openfire, are there more?).
It's a wiki. People will add links. :)
Also, it could mention cacert.org (which is my free cert provider of choice).
Sure.

Peter
