Hi all, It's been discussend and I'm keen to find out about authenticated and encrypted s2s.
So I wonder what, if any, the current “standards” or suggestions on this one are. I'm a fan of CACert, and I'd like to stick for that. How's the reputation of CACert in the XMPP community? I believe I read somewhere that hardly anyone really does validation of the s2s-TLS-connection if one is used at all? To boil it down: What would I need as a server operator to have the optimal setup for s2s TLS? If there are no standards yet here (although I guess there are some, based on the behaviour of current implementations), I think we shall discuss this, with the major blocker “Google Federation” out of the way. regards, Jonas ps.: hopefully this mail will not dupe, I think I used the wrong sender address on my previous attempt
